Re: Feature Request: clients shouldn't store auth-creds

From: Greg Hudson <ghudson_at_MIT.EDU>
Date: 2005-01-14 19:02:38 CET

On Fri, 2005-01-14 at 11:06, Robert wrote:
> Make the svn system supporting native kerberos (not PAM becourse of the
> plain text password floating through the network).

We already do!

Over HTTP, neon supports negotiate auth. I've made it work with
mod_auth_kerb (I'm not sure what the functional differences are between
that and modgssapache), although I had to fix a one-line bug in Neon.
See http://mailman.webdav.org/pipermail/neon/2004-November/001768.html
for details.

You can also use Kerberos authentication via svn+ssh, although the ssh
Kerberos situation is still a little murky, I think. But it can
definitely be made to work.

Some day we hope to integrate a SASL library into svnserve, which would
allow Kerberos authentication via svn:// as well.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Jan 14 19:19:14 2005

This message: [ Message body ]
Next message: kfogel_at_collab.net: "Re: Parseable output: --xml option for more commands"
Previous message: solo turn: "Re: compiling python swig support on solaris8: APR_INT64_T_FMT?"
In reply to: Robert: "Re: Feature Request: clients shouldn't store auth-creds"
Next in thread: Robert: "Re: Feature Request: clients shouldn't store auth-creds"
Reply: Robert: "Re: Feature Request: clients shouldn't store auth-creds"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]