Stefan Küng wrote:
> If the reauthentication would be done completely by Subversion, then it
> might work. But as far as I understand, with SSPI enabled in neon it
> will always try first authenticating with that and never even ask
> Subversion for authentication data (username/password). Of course that
> happens only if the authentication succeeds with SSPI.
> That's one of the reasons neon 0.26.x has now the option to disable SSPI
> during runtime, so that clients can first try with SSPI, then try
> authenticating without it.
> (that's also why I think the current (trunk) behavior of Subversion
> should be improved: avoid the option in the configuration file but after
> the first authorization failure and reauthenticate again but this time
> with SSPI disabled).
I had a bit of trouble parsing that last bit. Are you suggesting that
we could get by in 1.4.x by simply hard-coding a first attempt with SSPI
followed by a fallback attempt without?
See, if we can avoid adding this runtime configuration option, my
concerns (at least about that matter) will vanish.
--
C. Michael Pilato <cmpilato@collab.net>
CollabNet <> www.collab.net <> Distributed Development On Demand
Received on Mon Oct 9 21:45:57 2006