Kerberos foreign principals

From: Victor Sudakov <sudakov_at_sibptus.tomsk.ru>
Date: Thu, 7 Feb 2013 15:31:54 +0700

Colleagues,

I use subversion-1.7.2 with cyrus-sasl-2.1.25 for Kerberos (GSSAPI)
authentication. I have the following in svnserve.conf:

[general]
auth-access = write
[general]
realm = SIBPTUS.TOMSK.RU
[sasl]
use-sasl = true

Everything works smoothly for the users (Kerberos principals) in the
SIBPTUS.TOMSK.RU realm.

How can I give repository access (authorization) to users in other
realms which are trusted by the SIBPTUS.TOMSK.RU realm? It seems that
"auth-access = write" is not sufficient to give them access.

I would not mind if all the foreign principals were granted write
access to the repository with their subversion ids (e.g. in logs) being
'user_at_FOREIGN.REALM'. Is this possible?

TIA for any input.

-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
sip:sudakov_at_sibptus.tomsk.ru

Received on 2013-02-07 09:32:34 CET

This message: [ Message body ]
Next message: Stefan Sperling: "Re: Kerberos foreign principals"
Previous message: Joe Schaefer: "Re: Coniguring 301/302 redirects to track an fspath rename"
Next in thread: Stefan Sperling: "Re: Kerberos foreign principals"
Reply: Stefan Sperling: "Re: Kerberos foreign principals"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]