Re: RFA: Encrypting auth info

From: Mark Phippard <MarkP_at_softlanding.com>
Date: 2005-02-17 17:06:39 CET

Justin Erenkrantz <justin@erenkrantz.com> wrote on 02/17/2005 09:57:32 AM:

> --On Thursday, February 17, 2005 1:07 PM +0100 "Branko ?ibej"
<brane@xbc.nu>
> wrote:
>
> > Wow. This looks like it, all right. Now if only Apache grew a module
that
> > could handle this on Unix (passing on to an NT domain or ADS
server)...
>
> mod_auth_ldap works just fine against AD servers. -- justin

But isn't the issue they are talking about the "automatic" SSPI
authentication where the username/passwords are all exchanged
automatically based on your login to the Windows client? Yes, LDAP
authenticates against AD, but the problem is that Subversion will prompt
for and cache in plain text your AD password. With SSPI it is all handled
at a lower level so the user would never be prompted and nothing would
need to be cached.

There is an SSPI module for Windows Apache, but not other platforms.

Mark

_____________________________________________________________________________
Scanned for SoftLanding Systems, Inc. by IBM Email Security Management Services powered by MessageLabs.
_____________________________________________________________________________

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Feb 17 17:07:59 2005

This message: [ Message body ]
Next message: Josh Siegel: "PATCH: simple regexp support in mod_authz_svn"
Previous message: e.huelsmann_at_gmx.net: "[l10n] Translation status for 1.1.x r13043"
In reply to: Justin Erenkrantz: "Re: RFA: Encrypting auth info"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]