I have been looking into support for HTTP Negotiate authentication for
WebDAV access to Subversion repositories. In theory, this should be
fairly straightforward, as mod_auth_kerb
<http://modauthkerb.sourceforge.net/> takes care of the Apache side of
things and neon supports the Negotiate authentication method.
Unfortunately, initial tests indicate that this is not working properly
in neon 0.24.7; setting neon-debug-mask = 8 reveals:
ah_create, for WWW-Authenticate
Not handling session.
ah_post_send (#0), code is 401 (want 401), WWW-Authenticate is Negotiate
Got challenge with code 401.
Got new auth challenge: Negotiate
New challenge for scheme [Negotiate]
Finished parsing parameters.
Looking for GSSAPI.
A standalone test with neon 0.24.7 exhibits the same problem but works
with neon 0.25.4.
Are there any plans to update Subversion to the neon 0.25 API? Has
someone already done this, or would you welcome a patch against
This issue might be related:
<http://subversion.tigris.org/issues/show_bug.cgi?id=1844>. It implies
that Serge Gotvansky has built subversion against neon 0.25.2:
is that patch available?
Ray Miller, Systems Development & Support Section Manager
Computing Services, University of Oxford
Received on Sun Oct 30 15:53:59 2005