Re: On backporting r21531 to 1.4.x.

From: Samay <getafix123_at_hotmail.com>
Date: 2006-10-10 00:29:27 CEST

On 10/9/06, Stefan Küng <tortoisesvn@gmail.com> wrote:
>
> > I'm 90% certain SSPI gives this level of control... of
> > course, if I had to guess, I'd guess neon doesn't give
> > this level of control :-(
>
> I'm 90% certain that SSPI can't give that level of control :)

> If you have the username and password it is pretty easy (in Windows,
> anyway) to temporarily impersonate a user for SSPI auth.
>
> DJ

AFAIK, if server is running SPnego with Basic auth disabled, you "cannot"
impersonate another user on a windows client machine. SPNego means, no
password prompts, and worse case 401 Authorization errors. IIRC, its that
way by design. On linux one may impersonate the user by issuing "kinit
userid@REALM" to change their ID, however, may not be an option on a well
secure linux client.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Oct 10 00:29:48 2006

This message: [ Message body ]
Next message: John Szakmeister: "Re: FSFS corruption on the rise..."
Previous message: Samay: "Re: On backporting r21531 to 1.4.x."
In reply to: D.J. Heap: "Re: On backporting r21531 to 1.4.x."
Next in thread: Stefan KÃ¼ng: "Re: On backporting r21531 to 1.4.x."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]