Ramaswamy S wrote: > On 5/24/05, Mike Taylor <[EMAIL PROTECTED]> wrote: >>No - it's cached by the client in a per-project file that is read-only >>by the user - very similiar to what .cvspass is/does >> > That's what I also said :-) . svn cmds that require auth have a > --no-auth-cache option - but that would mean typing credentials every > time.
So it seems like the svn server stores passwords in a clear text file unless you are using svn+ssh or https with client certs. NOT nice. If anyone knows of any plugins/extensions/hacks/fixes that would enable encryption of the server password file I would be interested. Also if anyone could get a list of svn clients that support client certificates for https it would be useful. Finally information about clients that cache client passwords but don't store the passwords in the clear would be nice to have. -- Heikki Toivonen
signature.asc
Description: OpenPGP digital signature
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Open Source Applications Foundation "Dev" mailing list http://lists.osafoundation.org/mailman/listinfo/dev
