SiteMinder is setting the remote_user after it authenticates the user.
If subversion uses the authentication from apache, and subsequently the remote_user, in theory my only challenge should be authorization.
Rob Davis
609.274.8908
-----Original Message-----
From: Andy Levy <andy.levy@gmail.com>
To: Davis, Rob (GTI)
CC: users@subversion.tigris.org <users@subversion.tigris.org>
Sent: Sun Nov 04 07:29:27 2007
Subject: Re: Subversion and SiteMinder
But where is SiteMinder getting REMOTE_USER from? AFAIK, Subversion
doesn't use cookies anywhere, and AIR SiteMinder's SSO centers around
the use of them.
On 11/3/07, Davis, Rob (GTI) <rob_davis@ml.com> wrote:
>
>
>
>
> As all clients will be using apache to access, and having SiteMinder supply
> apache the REMOTE_USER value, couldn't Subversion authentication simply be
> turned off but still use the authorization file?
> Rob Davis
> 609.274.8908
>
> -----Original Message-----
> From: Andy Levy <andy.levy@gmail.com>
> To: Davis, Rob (GTI)
> CC: users@subversion.tigris.org <users@subversion.tigris.org>
> Sent: Sat Nov 03 21:39:04 2007
> Subject: Re: Subversion and SiteMinder
>
> On 11/3/07, Davis, Rob (GTI) <rob_davis@ml.com> wrote:
> >
> >
> >
> >
> > Andy,
> >
> > No. I'm new to the app and the SiteMinder subject matter expert. I'm
> > working with the Subversion SME to integrate the two.
> >
> > Do you have any suggestions?
>
> I don't think you'll get it working. See
> http://www.svnforum.org/2017/viewtopic.php?t=4669
>
> ________________________________
>
> This message w/attachments (message) may be privileged, confidential or
> proprietary, and if you are not an intended recipient, please notify the
> sender, do not use or share it and delete it. Unless specifically indicated,
> this message is not an offer to sell or a solicitation of any investment
> products or other financial product or service, an official confirmation of
> any transaction, or an official statement of Merrill Lynch. Subject to
> applicable law, Merrill Lynch may monitor, review and retain
> e-communications (EC) traveling through its networks/systems. The laws of
> the country of each sender/recipient may impact the handling of EC, and EC
> may be archived, supervised and produced in countries other than the country
> in which you are located. This message cannot be guaranteed to be secure or
> error-free. This message is subject to terms available at the following
> link: http://www.ml.com/e-communications_terms/. By
> messaging with Merrill Lynch you consent to the foregoing.
> ________________________________
>
>
--------------------------------------------------------
This message w/attachments (message) may be privileged, confidential or proprietary, and if you are not an intended recipient, please notify the sender, do not use or share it and delete it. Unless specifically indicated, this message is not an offer to sell or a solicitation of any investment products or other financial product or service, an official confirmation of any transaction, or an official statement of Merrill Lynch. Subject to applicable law, Merrill Lynch may monitor, review and retain e-communications (EC) traveling through its networks/systems. The laws of the country of each sender/recipient may impact the handling of EC, and EC may be archived, supervised and produced in countries other than the country in which you are located. This message cannot be guaranteed to be secure or error-free. This message is subject to terms available at the following link: http://www.ml.com/e-communications_terms/. By messaging with Merrill Lynch you consent to the foregoing.
--------------------------------------------------------
Received on Sun Nov 4 13:37:35 2007