On Fri, Mar 7, 2008 at 12:14 PM, Gleason, Todd <tgleason_at_impac.com> wrote:
> That's not quite what I was asking. What I mean is, can you disable the
> ability to cache credentials on the server end? So the server can
> guarantee that the user retyped their password every time they commit?
> I'm not as concerned about disabling credentials caching when doing
> updates, I just am asking if you can guarantee that, every time the user
> commits a document, they specifically type their password as a guarantee
> that somebody else didn't use their workstation.
The SVN server is not able to control client credential caching (or
any other options which can be set via the client config file or
command-line parameters).
> The reason I bring this up is that I can imagine people wanting to use
> Subversion as a document management solution in an area requiring 21 CFR
> Part 11 electronic signatures (an FDA requirement for electronic
> approvals where you have to type your userid and password to check in or
> approve a document). Such a system would be very light on process, but
> also very quick (and cheap) to use.
>
>
> -----Original Message-----
> From: Andy Levy [mailto:andy.levy_at_gmail.com]
> Sent: Friday, March 07, 2008 9:43 AM
> To: users_at_tortoisesvn.tigris.org
>
> Subject: Re: Evaluating SVN as a Document Management Solution
>
> On Fri, Mar 7, 2008 at 11:27 AM, Gleason, Todd <tgleason_at_impac.com>
> wrote:
>
> > A general question to Subversion folks, for people who might use SVN
> for
> > document management: Can you configure the server to ask for
> password
> > on every commit? This might be useful for people who need stricter
> > electronic signature options.
>
> Yes, you can (and in most cases should) configure SVN to require a
> password for any operation, especially commits. User credentials are
> cached in your local OS user account's home directory, so once you've
> authenticated once, you shouldn't be prompted again. This can be
> problematic if multiple people share a workstation login account, but
> that's another ball of security wax that's outside the realm of SVN.
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_tortoisesvn.tigris.org
> For additional commands, e-mail: users-help_at_tortoisesvn.tigris.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_tortoisesvn.tigris.org
For additional commands, e-mail: users-help_at_tortoisesvn.tigris.org
Received on 2008-03-07 18:43:40 CET