https, virtual host and Kerberos Negotiate

From: Yves Martin <yves.martin_at_elca.ch>
Date: 2007-03-19 11:40:18 CET

Hello,

My Subversion server uses Apache2 with mod-auth-kerb 5.3 on Debian
GNU/Linux Sarge.
Everything works fine with HTTPS and Kerberos SPNEGO authentication as
far as the FQDN server name (srv12345.mydomain.com) is used on win32.

On Unix platform, the svn client (Linux 1.4.3 with neon 0.25.5) does
SPNEGO perfectly with both FQDN or server alias svn.mydomain.com

On win32 platform, the svn 1.4.3 client built with neon 0.25.5:
. authenticates properly with Kerberos Negotiate when accessing
https://server12345.mydomain.com/subversion/project/

. Kerberos Negotiate fails when accessing
https://svn.mydomain.com/subversion/project/
and the svn client falls back to basic authentication.

I think this is a platform specific bug.
Unix version does things right:
. first find the IP for the URL hostname
. then a reverse DNS call to get the FQDN of the server
. connect with the FQDN

This logic should be ported on win32 too.

Thank you in advance for your attention

-- 
Yves Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Thu Mar 22 23:33:22 2007

This message: [ Message body ]
Next message: Christian Unger: "Re: Error: Found malformed header in revision file"
Previous message: Méresse Christophe: "RE: Re: all-wcprops out of date problem"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]