[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SSPIPerRequestAuth

From: Stefan Küng <tortoisesvn_at_gmail.com>
Date: Mon, 08 Sep 2008 18:31:52 +0200

Purple Streak wrote:
> 2008/9/6 Stefan Küng <tortoisesvn_at_gmail.com>:
>> Purple Streak wrote:
>>> 2008/9/5 Stefan Küng <tortoisesvn_at_gmail.com>:
>>>> Subversion doesn't really know about the authentication, it uses other
>>>> modules to do that job. For SSPI authentication, it's the neon library
>>>> that does the job.
>>>> But neon does the authentication according to the data it gets from the
>>>> server. And simply activating SSPIPerRequestAuth should not change the
>>>> authentication, at least not as far as I know.
>>>> So I would suspect that this is a problem of the mod_auth_sspi module.
> I just looked at the mod_auth_sspi code.. and for SSPIPerRequestAuth it has
> "set to 'on' if you want authorization per request instead of per connection"
> Now does that mean if you open one https connection and use keepalive
> to send several requests that turning this option off actually means
> you authenticate less and not more? I'd read previously on this list
> that leaving it off meant it would authenticate each data packet?

You'd have to ask that on the mod_auth_sspi support forums.


  oo  // \\      "De Chelonian Mobile"
 (_,\/ \_/ \     TortoiseSVN
   \ \_/_\_/>    The coolest Interface to (Sub)Version Control
   /_/   \_\     http://tortoisesvn.net

Received on 2008-09-08 18:32:40 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.