Subversion › SVNKit › SVNKit - Users

SVN authentication problem

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

3 messages Options

Joostk

SVN authentication problem

Hello all,

I'm observing the following difference in behaviour between the svn binaries and svnkit (cli).

Using svn binaries:

$ svn info --username xxx --password xxx --no-auth-cache --non-interactive --trust-server-cert https://wsrv2164.xxx.corp/svn/REPO
Path: REPO
URL: https://wsrv2164.xxx.corp/svn/REPO
Repository Root: https://wsrv2164.xxx.corp/svn/REPO
Repository UUID: 343082f5-97f9-014a-8cc9-3848f4328179
Revision: 13
Node Kind: directory
Last Changed Author: John
Last Changed Rev: 13
Last Changed Date: 2011-10-19 08:59:55 +0200 (Wed, 19 Oct 2011)

Using jsvn, provided in svnkit distribution (svnkit-1.3.6-v1):

$ ./jsvn info --username xxx --password xxx --no-auth-cache --non-interactive --trust-server-cert https://wsrv2164.xxx.corp/svn/REPO
svn: Authentication required for '<https://wsrv2164.xxx.corp:443>'

The command line is exactly the same, but svnkit cannot access the repository while svn binaries can?

Any ideas what can cause this?

Kind regards,

Joost

Alexander Kitaev-4

Re: SVN authentication problem

Hello,

Might it be that your server uses NTLM or Negotiate authentication method?

If so, it may make sense to put the following into jsvn script (I
assume you use 1.3.6 version):

EXTRA_JVM_ARGUMENTS="-Dsvnkit.http.methods=Basic,Digest,Negotiate,NTLM"

NTLM authentication might not be supported by SVNKit in all
environments, and Negotiate one requires JDK to be configured to
support it (see
http://www.syntevo.com/smartsvn/techarticles.html?page=configuration.kerberos-over-spnego
for how to configure it). Option above will force SVNKit to prefer
simple "Basic" authentication method in case it is advertised by the
server.

Also, what does jsvn say when you remove "--non-interactive" argument
from command line?

Alexander Kitaev,
TMate Software,
http://svnkit.com/ - Java [Sub]Versioning Library!
http://hg4j.com/ - Java Mercurial Library!
http://sqljet.com/ - Java SQLite Library!

On 19 October 2011 12:44, Joostk <[hidden email]> wrote:

>
> Hello all,
>
> I'm observing the following difference in behaviour between the svn binaries
> and svnkit (cli).
>
> Using svn binaries:
>
> $ svn info --username xxx --password xxx --no-auth-cache --non-interactive
> --trust-server-cert https://wsrv2164.xxx.corp/svn/REPO
> Path: REPO
> URL: https://wsrv2164.xxx.corp/svn/REPO
> Repository Root: https://wsrv2164.xxx.corp/svn/REPO
> Repository UUID: 343082f5-97f9-014a-8cc9-3848f4328179
> Revision: 13
> Node Kind: directory
> Last Changed Author: John
> Last Changed Rev: 13
> Last Changed Date: 2011-10-19 08:59:55 +0200 (Wed, 19 Oct 2011)
>
>
> Using jsvn, provided in svnkit distribution (svnkit-1.3.6-v1):
>
> $ ./jsvn info --username xxx --password xxx --no-auth-cache
> --non-interactive --trust-server-cert https://wsrv2164.xxx.corp/svn/REPO
> svn: Authentication required for '<https://wsrv2164.xxx.corp:443>'
>
> The command line is exactly the same, but svnkit cannot access the
> repository while svn binaries can?
>
> Any ideas what can cause this?
>
> Kind regards,
>
> Joost
>
> --
> View this message in context: http://old.nabble.com/SVN-authentication-problem-tp32681409p32681409.html
> Sent from the SVNKit - Users mailing list archive at Nabble.com.
>
>
>

Joostk

Re: SVN authentication problem

Hello Alexander,

Indeed, the SVN server is a Windows based VisualSVN server. Your suggestion for the extra jvm arguments worked! Thanks a lot!

Just FYI, without the fix applied, when I remove the "--non-interactive" (and also the "--trust-server-certificate") the response of jsvn is:

Authentication realm: <https://wsrv2164.xxx.corp:443>
Username [xxx]:

So it asks again for credentials. In the end authentication always fails.

Regards,

Joost

AlexanderKitaev wrote

Hello,

Might it be that your server uses NTLM or Negotiate authentication method?

If so, it may make sense to put the following into jsvn script (I
assume you use 1.3.6 version):

EXTRA_JVM_ARGUMENTS="-Dsvnkit.http.methods=Basic,Digest,Negotiate,NTLM"

NTLM authentication might not be supported by SVNKit in all
environments, and Negotiate one requires JDK to be configured to
support it (see
http://www.syntevo.com/smartsvn/techarticles.html?page=configuration.kerberos-over-spnego
for how to configure it). Option above will force SVNKit to prefer
simple "Basic" authentication method in case it is advertised by the
server.

Also, what does jsvn say when you remove "--non-interactive" argument
from command line?

Alexander Kitaev,
TMate Software,
http://svnkit.com/ - Java [Sub]Versioning Library!
http://hg4j.com/ - Java Mercurial Library!
http://sqljet.com/ - Java SQLite Library!

On 19 October 2011 12:44, Joostk <jrkoiter@nucleon.nl> wrote:
>
> Hello all,
>
> I'm observing the following difference in behaviour between the svn binaries
> and svnkit (cli).
>
> Using svn binaries:
>
> $ svn info --username xxx --password xxx --no-auth-cache --non-interactive
> --trust-server-cert https://wsrv2164.xxx.corp/svn/REPO
> Path: REPO
> URL: https://wsrv2164.xxx.corp/svn/REPO
> Repository Root: https://wsrv2164.xxx.corp/svn/REPO
> Repository UUID: 343082f5-97f9-014a-8cc9-3848f4328179
> Revision: 13
> Node Kind: directory
> Last Changed Author: John
> Last Changed Rev: 13
> Last Changed Date: 2011-10-19 08:59:55 +0200 (Wed, 19 Oct 2011)
>
>
> Using jsvn, provided in svnkit distribution (svnkit-1.3.6-v1):
>
> $ ./jsvn info --username xxx --password xxx --no-auth-cache
> --non-interactive --trust-server-cert https://wsrv2164.xxx.corp/svn/REPO
> svn: Authentication required for '<https://wsrv2164.xxx.corp:443>'
>
> The command line is exactly the same, but svnkit cannot access the
> repository while svn binaries can?
>
> Any ideas what can cause this?
>
> Kind regards,
>
> Joost
>
> --
> View this message in context: http://old.nabble.com/SVN-authentication-problem-tp32681409p32681409.html
> Sent from the SVNKit - Users mailing list archive at Nabble.com.
>
>
>