[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Windows svn/tortoise clients with an Apache 2.0.54/AuthenNTLM/svn 1.2.1/Linux server

From: Branko Čibej <brane_at_xbc.nu>
Date: 2005-08-09 12:28:00 CEST

John Szakmeister wrote:

>On Monday 08 August 2005 20:39, Samay wrote:
>[snip]
>
>
>>actually REALM is important if
>>a) one is authenticating agaisnt multiple AD domains. One need to know
>>user@REALM1 is different from user@REALM2.
>>b) specific to AD, user@REALM is the real user ID on AD, hence makes it
>>easy to implement access control on Apache, etc.
>>c) if AD is configured properly, then user@REALM also is the email address.
>>
>>
>
>But you also lose out on groups with mod_auth_kerb. Kerberos has no concept
>of groups. :-(
>
>
Ah, but groups are an authorization concept, not an authentication
concept. I've got a setup that uses mod_auth_kerb for authentication,
and an ordinary mod_auth group file for group access control. With AD,
you can also use ldap for the group filter.

-- Brane

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Aug 9 12:31:35 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.