Unusual SVN authentication method

[Dallas Clement]

Hi All,
Hello All,

I am re-posting my issue from yesterday. I think it got lost in the
list migration.

I’m trying to setup Hudson for a project that uses SVN for the code
repository. The SVN repo requires both username/password
authentication as well as public key authentication. In other words,
I need to be able to configure Hudson to accept both a
username/password and private-key/passphrase. There’s not a whole lot
I can do to change this.

Hudson seems to allow one of three options:

1) Username / password authentication
2) Public key authentication
3) HTTPS client certificate authentication

Can anyone tell me how to circumvent this apparent restriction to do
both #1 and #2?

Thanks,

Dallas

[Kohsuke Kawaguchi]

Interesting. I didn't even know you can do that with Subversion.
What's the protocol? svn+ssh?
Have you tried entering credential twice, one for username+password
and another for public key?

I think if there's an environment that reproduces the setup, it'll be
much easier for us to work on.

Or better yet, any chance you'd be willing to hack the subversion plugin?

2010/11/23 Dallas Clement <dallas.a...@gmail.com>:

--
Kohsuke Kawaguchi

[Dallas Clement]

Yes, apparently it is quite possible to setup public key
authentication as the first barrier and then username+password as the
second. The SVN repo URL is https://... Unfortunately, I'm not able
to enter the credentials twice because of the radio button type
control which allows only one option to be selected at a time.

The fix would be to perhaps change the radio buttons to check boxes,
allowing both credentials to be entered.

Hacking the subversion plugin is probably over my head, but I would be
willing to take a look. I'll definitely see if I can recreate an
environment that you could try and connect to.

[Dallas Clement]

Need to correct my description. My SVN server requires a HTTPS client
certificate authentication first and then a username / password
authentication second. So what I really need the Hudson SVN
authentication plugin to do is capture both bits of information, i.e.
the cert file / passphrase and the username / password.

I'm getting the following error message as you can see, because
username/password is empty when I select the HTTPS client cert option:

Attempting an SSL client certificate authentcation
Passing user name null and password you entered
Failed to authenticate: svn: OPTIONS of 'blah-blah': 401 Authorization
Required (https://blah-blah)
FAILED: svn: Authentication failed for https://blah-blah

org.tmatesoft.svn.core.SVNAuthenticationException: svn: Authentication
failed for https://blah-blah
at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.authenticationFailed(SVNErrorManager.java:47)
at org.tmatesoft.svn.core.internal.wc.SVNErrorManager.authenticationFailed(SVNErrorManager.java:41)
at hudson.scm.UserProvidedCredential$AuthenticationManagerImpl.getNextAuthentication(UserProvidedCredential.java:207)

[Kohsuke Kawaguchi]

Ah, I was hoping that first you can enter the client certificate, then
go back to the credential screen again to enter username/password, but
I guess when you just enter the certificate, the authentication still
fails so Hudson refuses to store that cert.

Can you file a ticket for this?

2010/11/24 Dallas Clement <dallas.a...@gmail.com>:

--
Kohsuke Kawaguchi

[Dallas Clement]

I sure can. Here it is http://issues.hudson-ci.org/browse/HUDSON-8181

Thanks

[Dallas Clement]

Is it possible to specify a username in the subversion.credentials
file in addition to a SSL certificate and passphrase?

I think part of my problem is that Hudson is trying to authenticate as
user "hudson", but that user is not recognized by the server. Is it
possible to fool Hudson into specifying a different username for SSL
cert authentication? I would be glad to hack the
subversion.credentials file if I knew what to do.

On Fri, Nov 26, 2010 at 2:51 PM, Dallas Clement