[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Authentication with RSA SecurID token?

From: Mark Phippard <markphip_at_gmail.com>
Date: Thu, 12 Jun 2008 14:50:44 -0400

On Thu, Jun 12, 2008 at 11:36 AM, Greg Thomas <thomasgd_at_omc.bt.co.uk> wrote:
> On Thu, 12 Jun 2008 11:31:16 -0400, Chris Shenton
> <chris.shenton_at_nasa.gov> wrote:
>
>>We've got (ahem) a customer requirement to use SecurID tokens for auth
>>to a Subversion repo we're building.
>
> I'm aware of, but have never used,
> http://www.deny-all.com/mod_securid/ ("This module enables RSA SecurID
> authentication for Apache.")
>
> Could you use that?

I do not know any details, including whether anyone ever actually got
it working. But I was told that a SecurID solution was unworkable
because Subversion via HTTP is not session-based at all. You wind up
having to respond to a SecurID challenge for every single request.
Using something like the TortoiseSVN repository browser would mean
having to enter this everytime you expanded the repository tree one
level. As one example.

-- 
Thanks
Mark Phippard
http://markphip.blogspot.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-06-12 20:51:08 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.