[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: On backporting r21531 to 1.4.x.

From: Samay <getafix123_at_hotmail.com>
Date: 2006-10-10 00:29:27 CEST

On 10/9/06, Stefan Küng <tortoisesvn@gmail.com> wrote:
>
> > I'm 90% certain SSPI gives this level of control... of
> > course, if I had to guess, I'd guess neon doesn't give
> > this level of control :-(
>
> I'm 90% certain that SSPI can't give that level of control :)

> If you have the username and password it is pretty easy (in Windows,
> anyway) to temporarily impersonate a user for SSPI auth.
>
> DJ

AFAIK, if server is running SPnego with Basic auth disabled, you "cannot"
impersonate another user on a windows client machine. SPNego means, no
password prompts, and worse case 401 Authorization errors. IIRC, its that
way by design. On linux one may impersonate the user by issuing "kinit
userid@REALM" to change their ID, however, may not be an option on a well
secure linux client.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Oct 10 00:29:48 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.