Re: On backporting r21531 to 1.4.x.

From: D.J. Heap <djheap_at_gmail.com>
Date: 2006-10-10 03:23:43 CEST

On 10/9/06, Stefan Küng <tortoisesvn@gmail.com> wrote:
[snip]
> For those cases, you could provide the command line params
> --username myname --password mypassword
>
> If those are present, then Subversion must tell neon to not authenticate
> with SSPI in the first place but only use basic authentication.
>

Ok, I've lost track of all the possibilities here. Can someone
summarize or correct the following (ignoring whether or not they can
be backported to 1.4.x for now, since the current set of changes
doesn't appear to be enough anyway):

1. The new config option to control neon auth mechanisms is still
desired, correct?

2. If --username/password are present on the commandline, they should
override automatic auth (such as SSPI/GSSAPI) and force BASIC auth
with those creds?

3. If auth succeeds, but then later authz fails, should Subversion
re-prompt for creds? Out of curiosity, is this how browsers behave if
they have authenticated someone but then later hit a file/path where
they are denied access?

4. There is currently a bug in neon-0.26.x/Subversion 1.4 that causes
GSSAPI to fail or crash in some scenarios.

Anything else?

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Oct 10 03:23:58 2006

This message: [ Message body ]
Next message: Stefan Küng: "Re: On backporting r21531 to 1.4.x."
Previous message: Mark Phippard: "Re: FSFS corruption on the rise..."
In reply to: Stefan Küng: "Re: On backporting r21531 to 1.4.x."
Next in thread: Stefan KÃ¼ng: "Re: On backporting r21531 to 1.4.x."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]