Thanks for the quick response. Subversion credential cache is something that is done on the client side.
But we have an issue storing plain text passwords in the “passwd” on the server side. Could you please suggest on it. Your help will be much appreciated. Thanks, Sriharsha From: Daniel Sahlberg <daniel.l.sahlb...@gmail.com> Sent: 22 August 2023 16:44 To: Channakeshavala, Sriharsha <s.channakeshav...@sap.com> Cc: users@subversion.apache.org Subject: Re: “passwd” file stores plain text passwords - how to protect it You don't often get email from daniel.l.sahlb...@gmail.com<mailto:daniel.l.sahlb...@gmail.com>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> Den tis 22 aug. 2023 kl 13:00 skrev Channakeshavala, Sriharsha via users <users@subversion.apache.org<mailto:users@subversion.apache.org>>: Hello, Since the “passwd” file stores plain text passwords, it is vulnerable for the SVN users. We have not compiled the subversion 1.14.2 with “cyrus SASL” library and hence cannot use SASL authentication mechanisms. Could you please suggest any other alternative to secure the passwd file ? The following FAQ article on the Subversion website should probably answer your questions: https://subversion.apache.org/faq.html#plaintext-passwords Please note that for Subversion 1.12 until 1.14 the default was to disable the plaintext password cache. In Subversion 1.15 the plaintext password cache will again be enabled by default. Kind regards, Daniel
