[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: "Windows Authentication" Was: "Credentials Caching - Security Guy Not Happy" from users list

From: Steve Dwire <sdwire_at_parkcitysolutions.com>
Date: 2004-08-26 22:34:45 CEST

I would imagine that SVN does not currently handle the client-side half
of the Kerberos negotiation, however. Would that be correct?

Is that all ("all" ha!) that would be necessary to provide seamless
authentication, then? the existing mod_auth_kerb on Apache (properly
configured) and a smarter SVN client?

Steve Dwire

-----Original Message-----
From: Jason Taylor [mailto:jtaylor@bastyr.edu]
Sent: Thursday, August 26, 2004 2:53 PM
To: Steve Dwire
Cc: users@subversion.tigris.org
Subject: Re: "Windows Authentication" Was: "Credentials Caching -
Security Guy Not Happy" from users list

[snip]

Kerberos is what I'm using now and it's working nicely. It also required

"manual" intervention on FreeBSD in order to get a reasonably current
version. For it to work as intended, it requires a bit of set up. I'm
don't remember exactly what, but I think it involved doing some set-up
on the domain controller and then copying files over to the Apache
server. Directions should be easily found by googling. I just used
"KrbVerifyKDC off" to avoid all that, but my security requirements are
pretty lax.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Aug 26 22:35:36 2004

This is an archived mail posted to the Subversion Users mailing list.