[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Re: Is Supported Single Sign On (SSO) on Windows?

From: Petr Kuzel <petr.kuzel_at_sun.com>
Date: Fri, 26 Nov 2010 03:11:40 -0800 (PST)

Hi Dariusz,

> > does Tortoise SVN client 1.6.11 support Single Sign On (SSO) on Windows (7 64bit), please? If yes what conditions must be met, please?
> TortoiseSVN 1.6.7 and higher come with a flaw in their neon library that
> stops kerberos auth from working. Newer neon libraries contain the fix, so
> hopefully one of upcoming Tortoise releases should start working again.

Interestingly enough TortoiseSVN client for the svn protocol (svnserve on the server) seems to support following SASL mechanics only:

•ANONYMOUS
•CRAM-MD5
•PLAIN
•DIGEST-MD5
•LOGIN
•NTLM

--http://tortoisesvn.tigris.org/tsvn_1.5_releasenotes.html#cyrus-sasl

I have not found any update on TortoiseSVN client SASL capabilities in earlier release notes. In 1.6.6 changelog there is:

Version 1.5.3
- CHG: paths in error messages are not truncated to 80 chars anymore. (Stefan)
- CHG: enabled rc4 encryption for the sasl dlls. (Stefan)
- CHG: linked against neon 0.28.3

-- C:\Program Files\TortoiseSVN\Changelog.txt

Microsoft's materials on Single Sign On (SSO):

In an intranet, Kerberos version 5 protocol implementations on the Windows platform offer the user SSO because of the basic characteristics of the authentication protocol and the specific features of the way the protocol is implemented in Windows client and server operating systems.

-- http://technet.microsoft.com/en-us/library/cc162924.aspx

I have not found similar claim for other protocol implementations.

To sum up, I do not see the Single Sign On (SSO) requirements satisfied because TortoiseSVN client does not provide GSSAPI (Kerberos 5, MIT implementation) mechanics (for the svn protocol).

Do you use some custom TortoiseSVN client build or have been the GSSAPI (Kerberos 5, MIT implementation)mechanics support for the svn protocol forgotten to be announced? (and become buggy in 1.6.7-(at time of writting)1.6.11)

  Thank you ahead
  Cc.

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2685851

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2010-11-26 12:11:45 CET

This is an archived mail posted to the TortoiseSVN Users mailing list.