Re: "Windows Authentication" Was: "Credentials Caching - Security Guy Not Happy" from users list

From: Joe Orton <joe_at_manyfish.co.uk>
Date: 2004-08-28 01:40:52 CEST

On Thu, Aug 26, 2004 at 02:17:06PM -0400, Greg Hudson wrote:
> There exists a standard for performing Kerberos authentication over
> HTTP, and it's implemented by an Apache httpd module as well as some web
> browsers (IE, Mozilla). But neon, our HTTP client library, doesn't
> implement it currently. So one option would be to look into
> implementing this in neon.

neon has had limited support for Negotiate since 0.24.5, the notable
omission is correct handling of multiple-scheme challenges e.g.
Basic+Negotiate - it's improved for 0.25.x. Negotiate can only be used
securely over SSL, which really negates half the benefits, and the neon
code hasn't been tested much against the IIS implementation.

joe

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sat Aug 28 01:41:18 2004

This message: [ Message body ]
Next message: Paul Ossenbruggen: "Re: Credentials Caching - Security Guy Not Happy"
Previous message: Thomas Capricelli: ""svn: Can't copy" error"
In reply to: Greg Hudson: "Re: "Windows Authentication" Was: "Credentials Caching - Security Guy Not Happy" from users list"
Next in thread: Jason Taylor: "Re: "Windows Authentication" Was: "Credentials Caching - Security Guy Not Happy" from users list"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]