I have a Windows 2008 R2 IIS7 server with Mercurial under HTTPS. I connect to the Mercurial Repositories using TortoiseHG and via the web interface. If I don't have my username and password in the .hgrc
file, them I'm prompted for my domain credentials.
What I want, is to setup my Mercurial repositories security in such away that I do not have to supply credentials through a basic authentication prompt or via entering them in cleartext in my personal .hgrc
file. The user access should be inferred by being logged into the domain on the computer I am working on.
Authentication setup:
- Anonymous Authentication: Disabled
- ASP.Net Impersonation: Disabled
- Basic Authentication: Enabled
- Forms Authentication: Disabled
- Windows Authentication: Enabled
On the client side I have my credentials in my personal .hgrc
:
[auth]
tag.prefix = https://MercurialServer
tag.username = Username
tag.password = Password
Best Answer
So, you're asking if TortoiseHG has support for authenticating to IIS using NTLM/Kerberos to pass the Windows Authentication mode in IIS? The answer is no; it uses the basic auth, which requires plaintext credentials, whether saved or entered.
If you were using an SSH-based protocol, it looks like there's some means to get it using GSSAPI for seamless windows auth via a supporting version of plink; food for thought.