You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by "Reuben D. Budiardja" <te...@pathfinder.phys.utk.edu> on 2006/04/19 14:42:35 UTC
Expiring cached password
Hello,
I am trying to decide which authentication mechanism to use for hosting svn
repo. I am thinking about just using the svnserve standalone server, but I
have one question.
The documentation (ie. svn book) mentioned that credential are cached on the
client side. Will this ever expire ? or will the client only ask for
credential once then use its cache forever ? Expiring the cache after a
certain time seems to improve security (for example in the case that the
client machine is compromised, etc).
It would be nice also if the server somehow can force the cache to expire. I
don't know if that's even possible given the authentication model. But I'm
thinking that the server could change the realm automatically, once a day or
something like that.
Thanks.
RDB
--
Reuben D. Budiardja
Dept. Physics and Astronomy
University of Tennessee, Knoxville, TN
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Expiring cached password
Posted by Nick Thompson <ni...@agere.com>.
On Wednesday 19 April 2006 15:42, Reuben D. Budiardja wrote:
> Hello,
> I am trying to decide which authentication mechanism to use for
> hosting svn repo. I am thinking about just using the svnserve
> standalone server, but I have one question.
>
> The documentation (ie. svn book) mentioned that credential are
> cached on the client side. Will this ever expire ? or will the
> client only ask for credential once then use its cache forever ?
> Expiring the cache after a certain time seems to improve security
> (for example in the case that the client machine is compromised,
> etc).
>
> It would be nice also if the server somehow can force the cache to
> expire. I don't know if that's even possible given the
> authentication model. But I'm thinking that the server could change
> the realm automatically, once a day or something like that.
The credentials are cached for ever, but they are good only as long as
they remain valid on the server. If the password file is updated on
the server, the credentials on the client now become invalid.
I don't think you can change the realm with svnserve.....? Isn't it
just hostname based? I could be wrong about that.
--
> Nick Thompson
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org