Sorry about the formatting on that last one, this should be more readable.
I'm reposting this thread because Mark and I didn't get any responses
- I'd definitely appreciate any help related to my original issue or
Mark's additional notes (please see below). Thanks,
-Brian
>
>
> > --- Brian Clarke <brian_p_clarke@yahoo.com> wrote:
> >
> > > For background, I posted the following to the
> > > Subclipse users list and was redirected here after
> > > discussion - I'd appreciate any help:
> > >
> > > From what I gathered on the Subclipse list, it
> > > appears that JavaHL isn't using the prompting
> > > mechanisms for client certificates and
> > > passwords when used with Subclipse.
> > >
> > > If I add both the ssl-client-cert-file and the
> > > ssl-client-cert-password (plaintext) to the
> > > Subversion 'servers' file, both the 'svn'
> > > command-line client and Subclipse succeed in
> > > connecting to the repository.
> > >
> > > Unfortunately, having the plaintext password on
> > > disk is likely to be unacceptable.
> > >
> > > If I leave the ssl-client-cert-password out: a)
> > > the svn command-line client prompts for the
> > > password and then succeeds in connecting
> > > to the repository, while
> > > b) Subclipse (Eclipse SVN Repository
> > > Perspective->New Repository Location...) doesn't
> > > prompt for a password and fails.
> > >
> > > In addition, if I leave both
> > > ssl-client-cert-{file,password} out of the servers
> > > config, the svn client prompts for both the
> > > certificate filename and the password, and
> > > succeeds.
> > >
> > > Subclipse doesn't prompt for either, and fails.
> > >
> > > Can anyone provide some input to resolve this
> > > situation? Is this a JavaHL issue?
> > >
> > > [It'd be fine to configure the client cert file
> > > location and have Subclipse prompt the user for
> > > the password (say once per Eclipse dev
> > > "session").]
> > >
> > > Thanks,
> > > -Brian
> >
> > I asked Brian to post this. I think it is a JavaHL
> > bug. We have registered a prompting interface
> > with JavaHL so that we can provide a GUI to
> > prompt the user when needed. This works for
> > normal username and password, as well as
> > accepting server certificate.
> > I think that JavaHL just needs to be enhanced to
> > use this interface in this scenario as well.
> >
> > There is also another bug I have posted to this
> > list where if we use the Accept Temporary option
> > on a server certificate it doesn't really work
> > correctly. The initial request succeeds, but all
> > subsequent requests fail. Ideally the "accept
> > temporary" would be cached somewhere, at
> > worst the user would be continually prompted.
> > Neither happens currently.
> >
> > Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Aug 1 19:19:27 2005