Hi Andrey,
Thanks for your reply.
There is a limited choice of technologies to provide truly robust
distributed single sign-on.
It is either SAML based or WS Federation approach.
Other technologies such as OpenID, custom cookies based and etc have flaws.
However industry seems to be favoring
simpler technologies with higher risk but better performance and easier time
to deploy.
I have used LDAP authentication (and authorization with some extra
scripting) for internal domains in the past. I definitely can use LDAP but
account replication and syncing and other management tasks present to be
challenging.
On the other hand, cookies seems to an efficient way to maintain session
state among web apps within a domain. For inter-domain communication, one
can use SAML, for example, as we have done in the past.
I was just wondering if adding cookies was in the plans. They have been
around for awhile and worked quite well for majority web applications.
Thanks again,
Vadim
On Wed, Oct 7, 2009 at 3:47 AM, Andrey Repin <anrdaemon_at_freemail.ru> wrote:
> Greetings, vadim marchenko!
>
> > I was wondering if http cookies support is planned for subversion client
> any
> > time soon?
>
> > I am trying to integrate with 3-rd party single sign-on solution to
> provide
> > restricted access to subversion repository.
> > Any info/advice would very much appreciated.
>
> Cross-domain cookies are very, very, very bad idea...
> And if your 3rd party authorization is on same domain, "I'm failing to see"
> how your custom authn can't be implemented as Apache module or why you
> can't
> use one of the standard authn, like LDAP?
>
>
> --
> WBR,
> Andrey Repin (anrdaemon_at_freemail.ru) 07.10.2009, <11:44>
>
> Sorry for my terrible english...
>
>
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2404539
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-10-07 16:29:40 CEST