Re: Subversion: integration of certificate based login

From: Joe Orton <jorton_at_redhat.com>
Date: Fri, 4 Dec 2009 13:36:31 +0000

On Thu, Dec 03, 2009 at 03:50:55PM +0100, Markus Oberlassnig wrote:
> we need to integrate certificate based login to subversion, subclipse
> and tortoise. Is it possible to configure svn, so that a user (client)
> can be authorized by a certificate (X509 and / or PKCS11) without
> additional login. When yes, how can this be done? When no, can you
> give me hints, how to develop this feature or who can develop this
> feature?

You can use SSL client certs with an SVN repos accessed via https, see
the "ssl-client-cert-file" config option, described in the book:

http://svnbook.red-bean.com/en/1.1/ch07.html

> We also need to read the client certificate from a smart card. Is it
> correct that we can use opensc for this feature?

Yes. Set "ssl-pkcs11-provider = opensc" in ~/.subversion/servers
(either in the [global] section or a server-specific group)

Regards, Joe
Received on 2009-12-04 14:37:17 CET

This message: [ Message body ]
Next message: Joe Orton: "Re: svn ls https://... results in "The certificate has an unknown error""
Previous message: Joe Orton: "Re: svn/neon fails to prompt user when encountering self-signed/etc. certs"
In reply to: Markus Oberlassnig: "Subversion: integration of certificate based login"
Next in thread: Markus Oberlassnig: "AW: Subversion: integration of certificate based login"
Reply: Markus Oberlassnig: "AW: Subversion: integration of certificate based login"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]