[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svnserve authenticating against Windows domain credentials

From: Mark Phippard <markphip_at_gmail.com>
Date: Fri, 2 May 2008 10:34:32 -0400

On Fri, May 2, 2008 at 10:22 AM, Scott Palmer <Scott_at_digital-rapids.com> wrote:
> Like I said, the docs suck. I can't make heads or tails of
> windows.html. Too me it looks like at least GSSAPI is supported and I
> thought that was the key to working with LDAP/Kerberos.

It says GSSAPI has been tested using CyberSafe, which is a commercial
product. So no one is going to be able to create and distribute
binaries that use it.

> NTLM I thought was the same stuff that was used to authenticate with
> Windows domains for file sharing on Mac/Linux boxes via Samba.
> Apparently there is more too it.

NTLM, Kerberos, CRAM-MD5, DIGEST-MD5 are all ways for clients and
server to negotiate authentication credentials with each other. They
do not directly speak to what that back end "store" is which the
server is using the validate the credentials.

Windows clients used to only support NTLM as the way they
authenticated with file shares, which is why things like Samba needed
to support it.

I'd suspect the LDAP back-end could be made to work with Windows, but
as you say the docs suck so it will take someone that wants to spend
the time to understand the code and port it all to build and work on

Mark Phippard
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-05-02 16:34:56 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.