Re: Feature Request: clients shouldn't store auth-creds

From: Robert <robertLinux_at_gmx.de>
Date: 2005-01-14 17:06:31 CET

Hello.
I have followed the discussion a bit and I like to suggest the
following.

Make the svn system supporting native kerberos (not PAM becourse of the
plain text password floating through the network).

I would suggest NTLM and SPNEGO auth mechanism
(http://modgssapache.sorceforge.net. I know this works actually only
with MS InternetExplorer but since Apple for example supports
subversion in the developer tools they may then be tempted to support
NTLM in Safari, too. Probably Mozilla and the Mozilla based Linux
Browsers will follow.

Before I start recherching I would like to know what you think about
this idea in general.

Lit.: O'Reilly: Kerberos The Definite Guide, page 145ff, page 146 about
MS NTLM authentication and SPNEGO. Its only a few lines though.
RFC 2478

Cheers,
Robert Welz

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Jan 14 17:08:23 2005

This message: [ Message body ]
Next message: e.huelsmann_at_gmx.net: "[l10n] Translation status for trunk r12723"
Previous message: Julian Reschke: "Re: [feature] Log HTTP header for autoversioning"
In reply to: Daniel Patterson: "Re: Feature Request: clients shouldn't store auth-creds"
Next in thread: Greg Hudson: "Re: Feature Request: clients shouldn't store auth-creds"
Reply: Greg Hudson: "Re: Feature Request: clients shouldn't store auth-creds"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]