Hi folks,
I am trying to make Subversion run with our ISA proxy which advertises
Proxy-Authenticate: Negotiate, NTLM, Basic.
My Subversion version is: 1.6.7 on Windows XP, tried with 1.7-beta3 which even
did not want to accept the URL. The HTTP lib is neon because serf quit working
with "svn:
Hi folks,
I am trying to make Subversion run with our ISA proxy which advertises
Proxy-Authenticate: Negotiate, NTLM, Basic.
My Subversion version is: 1.6.7 on Windows XP, tried with 1.7-beta3 which even
did not want to accept the URL. The HTTP lib is neon because serf quit working
with "svn:
> Betreff: Re: Proxy authentication with Negotiate uses wrong host
> On Mon, Aug 22, 2011 at 12:55:58PM +0200, 1983-01...@gmx.net wrote:
> > Now, when the proxy server challenges Subversion to authenticate,
> Subversion tries to retrieve a service ticket for the target host /instead of/
> for the
> Betreff: Re: Proxy authentication with Negotiate uses wrong host
> On Mon, Aug 22, 2011 at 01:41:59PM +0200, 1983-01...@gmx.net wrote:
> > no, I did not set that value neither on Windows nor on FreeBSD. Using
> Negotiate does require setting a username. That's what the credentials cache
> is for
> Betreff: Re: Proxy authentication with Negotiate uses wrong host
> > Digging deeper into that file shows that Negotiate auth for servers
> > (not proxy servers) is done only when the server is servered with
> > HTTPS [2].
>
> Having taken a brief glance it looks as if you can override this
> via
> On Tue, Aug 23, 2011 at 10:47:35PM +0200, Michael-O wrote:
> > I made some digging in the subversion and neon code and notices some
> > interesting and odd stuff.
> >
> > If you take a look at the aforementioned session.c in line 865 [1]
> > you'll see that the code is correct, Negotiate auth is
> On Wed, Aug 24, 2011 at 09:25:49AM +0200, 1983-01...@gmx.net wrote:
> > I'll do but why is Negotiate auth activated in session.c if the target
> host is ssy only? This should be on the user to decide not subversion.
>
> I don't know who made this decision and why.
> Maybe svn blame on that file
Bert,
> > -Original Message-
> > From: 1983-01...@gmx.net [mailto:1983-01...@gmx.net]
> > Sent: woensdag 24 augustus 2011 10:47
> > To: users@subversion.apache.org
> > Subject: Re: Proxy authentication with Negotiate uses wrong host
> >
> > > On Wed, Aug 24, 2011 at 09:25:49AM +0200, 1983
> Betreff: RE: Proxy authentication with Negotiate uses wrong host
> On Wed, 2011-08-24 at 05:52 -0400, Bert Huijben wrote:
> > Then somebody added Kerberos support to neon, but the api wasn't
> > updated to allow different behavior for the specific implementations.
>
> Kerberos via HTTP negotiat
> On Wed, 2011-08-24 at 07:42 -0400, 1983-01...@gmx.net wrote:
> > Are you refering to sole Kerberos or are you just concerned about
> > transport encryption? Your statement somewhat irritates me.
> > Given that the HTTP traffic cannot be securely wrapped into the GSS
> > content and nor the SASL Q
10 matches
Mail list logo
