You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Steve Baker <St...@hj3m.com> on 2006/07/12 18:13:39 UTC
integrated windows security
I am evaluating svn as an option for our new source control tool at
work. I have been using svn at home for quite some time, but have never
had to look into certain aspects that are more important for the
corporate LAN environment.
The first question I have been asked is does svn support integrated
windows authentication...
In my searching I have found that it sounds like this is supported
through apache.
" Authentication options - HTTP(S) basic auth, X.509 certificates, LDAP,
NTLM, or any other mechanism available to Apache httpd"
A brief look at apache documentation seems to point to using
mod_auth_ldap
http://httpd.apache.org/docs/2.0/mod/mod_auth_ldap.html
but I have found a few other modules for apache that seem to support
ldap and ntlm functionality.
I have never used apache and was hoping for some pointers before I start
setting it up ( in a windows environment to start ) so that I can see
and understand what it will take to get svn up and running with windows
accounts.
I have read the subversion books section on apache:
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: integrated windows security
Posted by aurfalien <br...@krusic.com>.
I would suggest using SSL as no client mods are needed for that. Plus fine
tuning your web server for concurrent SSL connections is easier than fine
tuning your OS for concurrent SSH connections.
Neither is more/less secure than the other.
Just a note, more and more VPN vendors are moving towards SSL based VPNs vs
IPSEC based VPNs due to the nature of ubiquity regarding SSL.
Bri-
----- Original Message -----
From: "si" <ss...@gmail.com>
To: "Steve Baker" <St...@hj3m.com>
Cc: <us...@subversion.tigris.org>
Sent: Wednesday, July 12, 2006 6:45 PM
Subject: Re: integrated windows security
> Hi Steve,
>
>> In my searching I have found that it sounds like this is supported
>> through apache.
>
> Yes. Another option we're considering is svn+ssh (svnserve tunnelled
> through ssh) with sshd using windows authentication.
>
> I haven't been able to test it out yet (waiting on vlan setup for domain
> access) but if you're interested i'd be happy to report back how it goes.
>
> Incidentally, has any done svn+ssh using
> http://www.bitvise.com/winsshd.html ?
> (or can recommend another ssh daemon on windows?)
>
> peace
> si
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: integrated windows security
Posted by si <ss...@gmail.com>.
Hi Steve,
> In my searching I have found that it sounds like this is supported
> through apache.
Yes. Another option we're considering is svn+ssh (svnserve tunnelled
through ssh) with sshd using windows authentication.
I haven't been able to test it out yet (waiting on vlan setup for domain
access) but if you're interested i'd be happy to report back how it goes.
Incidentally, has any done svn+ssh using http://www.bitvise.com/winsshd.html ?
(or can recommend another ssh daemon on windows?)
peace
si
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: integrated windows security
Posted by Steve Baker <St...@hj3m.com>.
Perfect, thank you :)
>-----Original Message-----
>From: Mark Phippard [mailto:markp@softlanding.com]
>Sent: Wednesday, July 12, 2006 1:28 PM
>To: Steve Baker
>Cc: users@subversion.tigris.org
>Subject: Re: integrated windows security
>
>"Steve Baker" <St...@hj3m.com> wrote on 07/12/2006 02:13:39 PM:
>
>> I am evaluating svn as an option for our new source control tool at
>> work. I have been using svn at home for quite some time, but have
never
>> had to look into certain aspects that are more important for the
>> corporate LAN environment.
>>
>> The first question I have been asked is does svn support integrated
>> windows authentication...
>>
>> In my searching I have found that it sounds like this is supported
>> through apache.
>>
>> " Authentication options - HTTP(S) basic auth, X.509 certificates,
LDAP,
>> NTLM, or any other mechanism available to Apache httpd"
>>
>> A brief look at apache documentation seems to point to using
>> mod_auth_ldap
>>
>> http://httpd.apache.org/docs/2.0/mod/mod_auth_ldap.html
>>
>> but I have found a few other modules for apache that seem to support
>> ldap and ntlm functionality.
>>
>> I have never used apache and was hoping for some pointers before I
start
>> setting it up ( in a windows environment to start ) so that I can see
>> and understand what it will take to get svn up and running with
windows
>> accounts.
>>
>> I have read the subversion books section on apache:
>
>TortoiseSVN has always provided good docs for this. See:
>
>http://tortoisesvn.sourceforge.net/docs/release/TortoiseSVN_en/ch03.htm
l#ts
>vn-serversetup-apache
>
>Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: integrated windows security
Posted by Mark Phippard <ma...@softlanding.com>.
"Steve Baker" <St...@hj3m.com> wrote on 07/12/2006 02:13:39 PM:
> I am evaluating svn as an option for our new source control tool at
> work. I have been using svn at home for quite some time, but have never
> had to look into certain aspects that are more important for the
> corporate LAN environment.
>
> The first question I have been asked is does svn support integrated
> windows authentication...
>
> In my searching I have found that it sounds like this is supported
> through apache.
>
> " Authentication options - HTTP(S) basic auth, X.509 certificates, LDAP,
> NTLM, or any other mechanism available to Apache httpd"
>
> A brief look at apache documentation seems to point to using
> mod_auth_ldap
>
> http://httpd.apache.org/docs/2.0/mod/mod_auth_ldap.html
>
> but I have found a few other modules for apache that seem to support
> ldap and ntlm functionality.
>
> I have never used apache and was hoping for some pointers before I start
> setting it up ( in a windows environment to start ) so that I can see
> and understand what it will take to get svn up and running with windows
> accounts.
>
> I have read the subversion books section on apache:
TortoiseSVN has always provided good docs for this. See:
http://tortoisesvn.sourceforge.net/docs/release/TortoiseSVN_en/ch03.html#tsvn-serversetup-apache
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org