[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: "Windows Authentication" Was: "Credentials Caching - Security Guy Not Happy" from users list

From: Joe Orton <joe_at_manyfish.co.uk>
Date: 2004-08-28 01:40:52 CEST

On Thu, Aug 26, 2004 at 02:17:06PM -0400, Greg Hudson wrote:
> There exists a standard for performing Kerberos authentication over
> HTTP, and it's implemented by an Apache httpd module as well as some web
> browsers (IE, Mozilla). But neon, our HTTP client library, doesn't
> implement it currently. So one option would be to look into
> implementing this in neon.

neon has had limited support for Negotiate since 0.24.5, the notable
omission is correct handling of multiple-scheme challenges e.g.
Basic+Negotiate - it's improved for 0.25.x. Negotiate can only be used
securely over SSL, which really negates half the benefits, and the neon
code hasn't been tested much against the IIS implementation.

joe

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sat Aug 28 01:41:18 2004

This is an archived mail posted to the Subversion Users mailing list.