Re: About HTTP authentication and usernames

From: Martin v. Löwis <martin_at_v.loewis.de>
Date: 2003-07-28 22:41:55 CEST

Mukund <mukund@tessna.com> writes:

> I would like to know opinions of people on this list about SSL client
> authentication using X.509 certificates, and how information in these
> certificates can be used with Subversion.

We are using X.509 client certificates, with an option for users to
use basic authentication should they not have their certificate
available.

> Recently, there was a post of an Apache module which'd let fields in the
> DN to be used as the username. I am familiar with
> +FakeBasicAuthentication in mod_ssl in Apache.

Yes, this is my module. It works very nicely.

> 1. Does Subversion support usernames with the format "user@domain.com"
> (without the quotes)? With this I would assume one can use the Email
> portion of the Subject DN to act as a username.

Certainly. Any string can be used as the author. We use
SSL_CLIENT_S_DN_CN, but using SSL_CLIENT_S_DN_Email would work just as
well.

Regards,
Martin

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Jul 28 22:42:50 2003

This message: [ Message body ]
Next message: Michael Wood: "Re: cvs2svn failure (in pass 5, "Filesystem has no item")"
Previous message: e.huelsmann_at_gmx.net: "Re: Error: I got "svn: Transaction is out of date""
In reply to: Mukund: "About HTTP authentication and usernames"
Next in thread: Mukund: "Re: About HTTP authentication and usernames"
Reply: Mukund: "Re: About HTTP authentication and usernames"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]