I would like to inform everybody that I managed to make SVN being
authenticated in Apache via SSPI/NTLM as well with proxy on Microsoft ISA
At the first here is our system configuration:
* Local SVN Server:
* svn server works as a module behind Apache 2 running on some
* sspi_auth_module as an authentication module alowing both Basic and
SSPI/NTLM authentication. Passwords are checked in NT domain.
* authz_svn_module as an authorization module
* Proxy Server
* Microsoft ISA Proxy server allowing NTLM, Kerberos and Kerberos
authentication to pass outside local network
* svn 1.2.0 and TortoiseSVN running on Microsoft workstations
* we access local svn repositories and remote via http and https
As it's known svn supports only Basic and Digest authentication by default.
But it uses neon with SSPI implemented in the latest release (I actually
used 0.25.2). Theirs config.hw.in contains HAVE_SSPI define by default.
All u need to enable NTLM SSPI support in svn is just rebuild svn with the
latest neon library.
Then it's possible to enable svn being authenticated in ISA proxy server.
subversion/libsvn_ra_dav/session.c contains a code enabling authentication
in proxy only if u specify username in registry (http-proxy-username item).
I attached a patch that avoids this.
Then I rebuild TortoiseSVN with updated svn libraries and neon and I found
that everything works:
* svn/tortoise can be authenticated in Apache with SSPI/NTLM as well
* svn/tortoise can pass local ISA server authenticated with SSPI/NTLM
* all of this work via HTTP as well as HTTPS.
So my team is working with it and I didn't find any problems yet. May be
other guys can look at it?
With Best Regards
RSM Team Lead
vul. Heroiv Kosmosu 4
Tel: +380 (44) 247-19-80 (extension 217)
Fax: +380 (44) 247-19-81
web: http://www.materialise.com <http://www.materialise.com/>
This e-mail and its attachments may contain confidential information. It is
intended solely for the use of the addressee(s) named herein. Any use of the
information contained herein by other persons is prohibited. If you have
received this e-mail by mistake, please immediately notify the sender and
permanently delete the original as well as any copy thereof. Materialise NV
does not accept any liability for the contents of this e-mail and its
Received on Wed Jul 13 15:25:05 2005
To unsubscribe, e-mail: email@example.com
For additional commands, e-mail: firstname.lastname@example.org