Adrian Wilkins wrote:
> On the other hand, it would appear to be very small patch to the neon
> source to "(un) fix" it. Maybe a bit more if you wanted to be able to
> configure it. For the typical use for NTLM auth, which is over a windows
> LAN, I don't think it's such a huge thing ; people will more than likely
> instead just be typing their network password into the auth box, which
> then sends it across the network via Basic auth! I know this is the way
> I have mine configured (yes, yes, I should be using SSL). If you want,
> you could always build it yourself (it's not hard to figure out which
> code to change). I did find a post...
>
> http://osdir.com/ml/web.webdav.neon.general/2006-12/msg00039.html
>
> .. which suggests you can override this behaviour through the API (at
> the 0.26 level anyway).
Yes, you can configure this with neon > 0.26.
> This seems to have gone into the SVN sources at r21531, so it's
> supported in 1.4.2 clients upwards. It looks as simple as editing your
> servers file, creating a group for servers which you use SSPI for, and
> adding the appropriate http-auth-types = basic;digest;negotiate to the
> config.
Almost correct: it's available in Subversion built from trunk (the
upcoming 1.5), but *not* in 1.4.x - that part has not been backported
(and there's a veto vote which prevents it from ever being backported).
With a current nightly build from trunk, it's possible to edit the
servers file and activate this. If you like to try, please report back
how it works for you.
> I confess though, I've yet to get this to work. mod_sspi works fine at
> authenticating the user against the domain, using their domain password,
> but I can't get it to work seamlessly ; so I have to resort to using the
> "Basic" passthrough feature. (SSPIOfferBasic On). Which means passwords
> in plaintext.
Not the best way to do this :(
Can you try a nightly build and edit the servers file? Maybe you can get
it to work properly with http (I never tried that, and I don't have a
domain controller to test, so I have to rely on others to do that).
Stefan
--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest Interface to (Sub)Version Control
/_/ \_\ http://tortoisesvn.net
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: dev-help@tortoisesvn.tigris.org
Received on Thu Dec 6 20:48:35 2007