You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Joe Orton <jo...@manyfish.co.uk> on 2006/01/20 18:26:17 UTC
Re: [neon] Re: excessive data transfer with SSPI
On Thu, Jan 12, 2006 at 06:37:41PM +0100, steveking wrote:
> We've already got a couple of reports from users using the 1.3.0RC1/2
> versions of TortoiseSVN that they can't connect to their repositories
> anymore because of this. Some could make it work by disabling the guest
> account, but some of them simply can't disable that account because they
> need it.
>
> Do you have an idea on how to solve this? Maybe a new option for
> mod_auth_sspi to not authenticate as user "guest"? Or is a change in
> neon required? Or in Subversion?
>
> Maybe the whole SSPI auth feature could be made run-time configurable in
> neon and not compile-time configurable?
Yes, allowing the application to select which auth protocols to enable
is something that's on the TODO list. (it is relatively simple to
implement in neon, but requires some new interfaces; making it
configurable in Subversion is probably more work)
Regards,
joe
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: [neon] Re: excessive data transfer with SSPI
Posted by Joe Orton <jo...@manyfish.co.uk>.
On Sat, Jan 21, 2006 at 07:07:21PM +0100, Stefan Küng wrote:
> Joe Orton wrote:
> >On Thu, Jan 12, 2006 at 06:37:41PM +0100, steveking wrote:
> >>Maybe the whole SSPI auth feature could be made run-time configurable in
> >>neon and not compile-time configurable?
> >
> >Yes, allowing the application to select which auth protocols to enable
> >is something that's on the TODO list. (it is relatively simple to
> >implement in neon, but requires some new interfaces; making it
> >configurable in Subversion is probably more work)
>
> I'd really appreciate it if you could implement those interfaces in neon
> soon. Once that's done, I can try (or maybe someone else more familiar
> with Subversion) to implement this in the Subversion lib.
This is done now on the trunk; the new interfaces are ne_add_*_auth,
which can be used instead of ne_set_*_auth:
http://svn.webdav.org/repos/projects/neon/trunk/src/ne_auth.h
joe
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: [neon] Re: excessive data transfer with SSPI
Posted by Stefan Küng <to...@gmail.com>.
Joe Orton wrote:
> On Thu, Jan 12, 2006 at 06:37:41PM +0100, steveking wrote:
>> We've already got a couple of reports from users using the 1.3.0RC1/2
>> versions of TortoiseSVN that they can't connect to their repositories
>> anymore because of this. Some could make it work by disabling the guest
>> account, but some of them simply can't disable that account because they
>> need it.
>>
>> Do you have an idea on how to solve this? Maybe a new option for
>> mod_auth_sspi to not authenticate as user "guest"? Or is a change in
>> neon required? Or in Subversion?
>>
>> Maybe the whole SSPI auth feature could be made run-time configurable in
>> neon and not compile-time configurable?
>
> Yes, allowing the application to select which auth protocols to enable
> is something that's on the TODO list. (it is relatively simple to
> implement in neon, but requires some new interfaces; making it
> configurable in Subversion is probably more work)
I'd really appreciate it if you could implement those interfaces in neon
soon. Once that's done, I can try (or maybe someone else more familiar
with Subversion) to implement this in the Subversion lib.
Right now, I've disabled SSPI support in the 1.3.x versions of TSVN:
it's better to not introduce new features which can prevent existing
users to connect to their repository without any chance of working
around it with an option/setting/whatever.
It's enabled on TSVN trunk however, so I can run tests and let others
test it as well.
Stefan
--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest Interface to (Sub)Version Control
/_/ \_\ http://tortoisesvn.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org