I'm reposting this thread because Mark and I didn't
get any responses - I'd definitely appreciate any help
related to my original issue or Mark's additional
notes (please see below). Thanks,
-Brian
> --- Brian Clarke <brian_p_clarke@yahoo.com> wrote:
>
> > For background, I posted the following to the
> > Subclipse users list and was redirected here after
> > discussion - I'd appreciate any help:
> >
> > From what I gathered on the Subclipse list, it
> > appears
> > that JavaHL isn't using the prompting mechanisms
> for
> > client certificates and passwords when used with
> > Subclipse.
> >
> > If I add both the ssl-client-cert-file and the
> > ssl-client-cert-password (plaintext) to the
> > Subversion
> > 'servers' file, both the 'svn' command-line client
> > and
> > Subclipse succeed in connecting to the repository.
>
> > Unfortunately, having the plaintext password on
> disk
> > is likely to be unacceptable.
> >
> > If I leave the ssl-client-cert-password out: a)
> the
> > svn command-line client prompts for the password
> and
> > then succeeds in connecting to the repository,
> while
> > b) Subclipse (Eclipse SVN Repository
> > Perspective->New
> > Repository Location...) doesn't prompt for a
> > password
> > and fails.
> >
> > In addition, if I leave both
> > ssl-client-cert-{file,password} out of the servers
> > config, the svn client prompts for both the
> > certificate filename and the password, and
> succeeds.
> >
> > Subclipse doesn't prompt for either, and fails.
> >
> > Can anyone provide some input to resolve this
> > situation? Is this a JavaHL issue?
> >
> > [It'd be fine to configure the client cert file
> > location and have Subclipse prompt the user for
> the
> > password (say once per Eclipse dev "session").]
> >
> > Thanks,
> > -Brian
>
> I asked Brian to post this. I think it is a JavaHL
> bug. We have
> registered a prompting interface with JavaHL so that
> we can provide a
> GUI
> to prompt the user when needed. This works for
> normal
> username and
> password, as well as accepting server certificate.
> I
> think that JavaHL
> just needs to be enhanced to use this interface in
> this scenario as
> well.
>
> There is also another bug I have posted to this list
> where if we use
> the
> Accept Temporary option on a server certificate it
> doesn't really work
> correctly. The initial request succeeds, but all
> subsequent requests
> fail. Ideally the "accept temporary" would be
> cached
> somewhere, at
> worst
> the user would be continually prompted. Neither
> happens currently.
>
> Mark
____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Aug 1 17:41:00 2005