[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: On backporting r21531 to 1.4.x.

From: D.J. Heap <djheap_at_gmail.com>
Date: 2006-10-10 03:23:43 CEST

On 10/9/06, Stefan KŁng <tortoisesvn@gmail.com> wrote:
> For those cases, you could provide the command line params
> --username myname --password mypassword
> If those are present, then Subversion must tell neon to not authenticate
> with SSPI in the first place but only use basic authentication.

Ok, I've lost track of all the possibilities here. Can someone
summarize or correct the following (ignoring whether or not they can
be backported to 1.4.x for now, since the current set of changes
doesn't appear to be enough anyway):

1. The new config option to control neon auth mechanisms is still
desired, correct?

2. If --username/password are present on the commandline, they should
override automatic auth (such as SSPI/GSSAPI) and force BASIC auth
with those creds?

3. If auth succeeds, but then later authz fails, should Subversion
re-prompt for creds? Out of curiosity, is this how browsers behave if
they have authenticated someone but then later hit a file/path where
they are denied access?

4. There is currently a bug in neon-0.26.x/Subversion 1.4 that causes
GSSAPI to fail or crash in some scenarios.

Anything else?


To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Oct 10 03:23:58 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.