authentication question
|
View:
New views
5 Messages
—
Rating Filter:
Alert me
|
 |
authentication question
by sydney
::
Rate this Message:
Hi all,
I'm a total newbie! I just started using SVNKit few days ago and I am totally lost. I don't have any experience with certificate authentication and the like. I have read all available examples and documentations about how to use SVNKit..but I couldn't think of a way to put all of them together. Anyway, here goes my problem. I just need to get all logs from my repository (okay, I already found an example that does what I want) but then, here is where my problem comes in. I need to use a secured http connection. I know that I should be using the SSLManager but I just don't know how to apply it to my AuthenticationManager. Honestly, I haven't done anything yet. I am hoping that you guys can help me out. Like point me to the right direction or something. Any help will be much appreciated. Thanks so much, in advance. Regards, Sydney |
|
|
Re: authentication question
by Alexander Kitaev-3
::
Rate this Message:
Hello Sydney,
If your server requires client SSL certificate, then you have two options: 1. Specify it in Subversion 'servers' file (you may find it at ~/.subversion directory on Linux and OS X, and at USER_HOME/Application Data/Subversion directory on Windows). If you'll then use SVN*Client classes of SVNKit (i.e. high level API) with default options, than SVNKit will read configuration file and will use certificate specified. 2. If you're using SVNRepository (i.e. low level API), you have to provide instance of ISVNAuthenticationManager to it. The easiest way is to extend BasicAuthenticationManager and create new DefaultSSLManager in its getSSLManager(...) method. I'd suggest you to use DefaultSVNAuthenticationManager as an example for that. Alexander Kitaev, TMate Software, http://svnkit.com/ - Java [Sub]Versioning Library! sydney wrote: > Hi all, > > I'm a total newbie! I just started using SVNKit few days ago and I am > totally lost. I don't have any experience with certificate authentication > and the like. I have read all available examples and documentations about > how to use SVNKit..but I couldn't think of a way to put all of them > together. Anyway, here goes my problem. > > I just need to get all logs from my repository (okay, I already found an > example that does what I want) but then, here is where my problem comes in. > I need to use a secured http connection. I know that I should be using the > SSLManager but I just don't know how to apply it to my > AuthenticationManager. Honestly, I haven't done anything yet. I am hoping > that you guys can help me out. Like point me to the right direction or > something. > > Any help will be much appreciated. Thanks so much, in advance. > > Regards, > Sydney |
|
|
Re: authentication question
by sydney
::
Rate this Message:
Hi Alexander,
Thank you so much for your reply. I did your #2 suggestion. But I extended the DefaultSVNAuthenticationManager instead of the BasicAuthenticationManager. I used debug to make sure that my certificate file is being passed to the DefaultSVNSSLManager. File certFile = new File("C://myFile.cer"); File authDir = new File("C:\\trusted"); ISVNAuthenticationManager authManager = new SVNAuthenticationManager(name, password, authDir, certFile, true, false, true); ISVNSSLManager sslManager = authManager.getSSLManager( SVNURL.parseURIDecoded( url ) ); repository.setAuthenticationManager( authManager ); repository.testConnection(); Somewhere down "repository.testConnection();", i got to DefaultSVNSSLManager.getKeyManagers(). At this point, myClientCertFile's path = "C:\myFile.cer" myClientCertPassword = "changeit" then I got an exception in this line: keyStore.load(is, passphrase); The error message is: "DER input, Integer tag error". After some time of searching the net, i read somewhere that the problem is how the KeyStore is initialized. I'm not sure is this really is the problem. I hope you can help me. Thanks again. Sydney
|
|
|
Re: authentication question
by Alexander Kitaev-3
::
Rate this Message:
Hello Sydney,
> then I got an exception in this line: > > keyStore.load(is, passphrase); > > The error message is: "DER input, Integer tag error". Key file should be in PCSC12 format. Most probably you can export your existing cert into this format using openssl program, see http://www.blissjunkies.org/blog/2007/02/13/export-pem-certificate-to-pfx-pks12-for-iis/ for example. Alexander Kitaev, TMate Software, http://svnkit.com/ - Java [Sub]Versioning Library! sydney wrote: > Hi Alexander, > > Thank you so much for your reply. > > I did your #2 suggestion. But I extended the DefaultSVNAuthenticationManager > instead of the BasicAuthenticationManager. I used debug to make sure that my > certificate file is being passed to the DefaultSVNSSLManager. > > File certFile = new File("C://myFile.cer"); > File authDir = new File("C:\\trusted"); > > ISVNAuthenticationManager authManager = new SVNAuthenticationManager(name, > password, authDir, certFile, true, false, true); > ISVNSSLManager sslManager = authManager.getSSLManager( > SVNURL.parseURIDecoded( url ) ); > repository.setAuthenticationManager( authManager ); > repository.testConnection(); > > Somewhere down "repository.testConnection();", i got to > DefaultSVNSSLManager.getKeyManagers(). At this point, > > myClientCertFile's path = "C:\myFile.cer" > myClientCertPassword = "changeit" > > then I got an exception in this line: > > keyStore.load(is, passphrase); > > The error message is: "DER input, Integer tag error". After some time of > searching the net, i read somewhere that the problem is how the KeyStore is > initialized. I'm not sure is this really is the problem. I hope you can help > me. > > Thanks again. > > Sydney > > > > > > > > Alexander Kitaev-3 wrote: >> Hello Sydney, >> >> If your server requires client SSL certificate, then you have two options: >> >> 1. >> >> Specify it in Subversion 'servers' file (you may find it at >> ~/.subversion directory on Linux and OS X, and at USER_HOME/Application >> Data/Subversion directory on Windows). If you'll then use SVN*Client >> classes of SVNKit (i.e. high level API) with default options, than >> SVNKit will read configuration file and will use certificate specified. >> >> 2. >> >> If you're using SVNRepository (i.e. low level API), you have to provide >> instance of ISVNAuthenticationManager to it. The easiest way is to >> extend BasicAuthenticationManager and create new DefaultSSLManager in >> its getSSLManager(...) method. >> >> I'd suggest you to use DefaultSVNAuthenticationManager as an example for >> that. >> >> >> >> Alexander Kitaev, >> TMate Software, >> http://svnkit.com/ - Java [Sub]Versioning Library! >> >> sydney wrote: >>> Hi all, >>> >>> I'm a total newbie! I just started using SVNKit few days ago and I am >>> totally lost. I don't have any experience with certificate authentication >>> and the like. I have read all available examples and documentations about >>> how to use SVNKit..but I couldn't think of a way to put all of them >>> together. Anyway, here goes my problem. >>> >>> I just need to get all logs from my repository (okay, I already found an >>> example that does what I want) but then, here is where my problem comes >>> in. >>> I need to use a secured http connection. I know that I should be using >>> the >>> SSLManager but I just don't know how to apply it to my >>> AuthenticationManager. Honestly, I haven't done anything yet. I am hoping >>> that you guys can help me out. Like point me to the right direction or >>> something. >>> >>> Any help will be much appreciated. Thanks so much, in advance. >>> >>> Regards, >>> Sydney >> > |
|
|
Re: authentication question
by sydney
::
Rate this Message:
Hi Alexander,
Thanks for your help! It worked!!! I almost can't believe it. Thank you, thank you so much. Regards, Sydney
|
| Free embeddable forum powered by Nabble | Forum Help |
