Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * ====================================================================
   * Copyright (c) 2004-2006 TMate Software Ltd.  All rights reserved.
   *
   * This software is licensed as described in the file COPYING, which
   * you should have received as part of this distribution.  The terms
   * are also available at http://svnkit.com/license.html
   * If newer versions of this license are posted there, you may use a
   * newer version instead, at your option.
  * ====================================================================
  */
 package org.tmatesoft.svn.core.auth;
 
The ISVNAuthenticationManager is implemented by manager classes used by SVNRepository drivers for user authentication purposes.

When an SVNRepository driver is created, you should provide an authentication manager via a call to:

 import org.tmatesoft.svn.core.io.SVNRepository;
 import org.tmatesoft.svn.core.auth.ISVNAuthenticationManager;
 ...
     SVNRepository repository;
     ISVNAuthenticationManager authManger;
     ...
     
     repository.setAuthenticationManager(authManager);
     ...

SVNKit provides a default authentication manager implementation - org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager. This manager has got the following features:

  • uses the auth storage from the default Subversion runtime configuration area;
  • may use the auth storage in the directory you specify;
  • uses the ssh, ssl & proxy options from the standard config and servers files;
  • stores credentials in the in-memory cache during runtime;
You may also specify your own auth provider (ISVNAuthenticationProvider) to this default manager, it will be used along with those default ones, that implement the features listed above.

If using the https:// protocol and if no user's authentication provider implementation is set to the default manager, server certificates are accepted temporarily and therefore are not cached on the disk. To enable server CAs caching, a user should set an authentication provider implementation which acceptServerAuthentication() method must return ISVNAuthenticationProvider.ACCEPTED. That will switch on certificate on-the-disk caching.

How to get a default auth manager instance see org.tmatesoft.svn.core.wc.SVNWCUtil.

Author(s):
TMate Software Ltd.
Version:
1.1.0
See also:
org.tmatesoft.svn.core.io.SVNRepository
 
 public interface ISVNAuthenticationManager {
    
A simple password credential kind ("svn.simple")
 
     public static final String PASSWORD = "svn.simple";
    
An ssh credential kind ("svn.ssh")
 
     public static final String SSH = "svn.ssh";
    
An ssl credential kind ("svn.ssl")
 
     public static final String SSL = "svn.ssl";

    
A simple username credential kind ("svn.username"). Only usernames are cached/provided matched against an appropriate realms (which are repository UUIDs in this case). In particular this kind is used in file:/// and svn+ssh:// access schemes.
 
     public static final String USERNAME = "svn.username";
    
    
Sets a custom authentication provider that will provide user credentials for authentication.

Parameters:
provider an authentication provider
 
     public void setAuthenticationProvider(ISVNAuthenticationProvider provider);
    
    
Returns a proxy manager that keeps settings for that proxy server over which HTTP requests are send to a repository server.

A default auth manager uses proxy settings from the standard servers file.

Parameters:
url a repository location that will be accessed over the proxy server for which a manager is needed
Returns:
a proxy manager
Throws:
org.tmatesoft.svn.core.SVNException
    public ISVNProxyManager getProxyManager(SVNURL urlthrows SVNException;
    
    
Returns the SSL manager for secure interracting with a repository.

A default implementation of ISVNAuthenticationManager returns an SSL manager that uses CA and user certificate files specified in the standard servers file.

Even if the default manager's getSSLManager() method returns null for the given url, a secure context will be created anymore, but, of course no user certificate files are provided to a server as well as server's certificates are not checked.

Parameters:
url a repository location to access
Returns:
an appropriate SSL manager
Throws:
org.tmatesoft.svn.core.SVNException
    public ISVNSSLManager getSSLManager(SVNURL urlthrows SVNException;
    
    
Retrieves the first user credential. The scheme of retrieving credentials:
  • For the first try to authenticate a user to a repository (using the specifed realm) an SVNRepository driver calls getFirstAuthentication() and sends the retrieved credential.
  • If the credential is accepted, it may be stored. If not, the driver calls getNextAuthentication() and sends the next credential.
  • If the last credential was not accepted, the driver still tries to get the next credential for the same realm.

For each credential kind an implementor should return a kind-specific credential. The following table matches kinds to proper credential classes:

Credential KindCredential Class
PASSWORDSVNPasswordAuthentication
SSHSVNSSHAuthentication
SSLSVNSSLAuthentication
USERNAMESVNUserNameAuthentication

Parameters:
kind a credential kind
realm a repository authentication realm
url a repository location that is to be accessed
Returns:
the first try user credential
Throws:
org.tmatesoft.svn.core.SVNException
    public SVNAuthentication getFirstAuthentication(String kindString realmSVNURL urlthrows SVNException;
    
    
Retrieves the next user credential if the first try failed. The scheme of retrieving credentials:
  • For the first try to authenticate a user to a repository (using the specifed realm) an SVNRepository driver calls getFirstAuthentication() and sends the retrieved credential.
  • If the credential is accepted, it may be stored. If not, the driver calls getNextAuthentication() and sends the next credential.
  • If the last credential was not accepted, the driver still tries to get the next credential for the same realm.

For each credential kind an implementor should return a kind-specific credential. The following table matches kinds to proper credential classes:

Credential KindCredential Class
PASSWORDSVNPasswordAuthentication
SSHSVNSSHAuthentication
SSLSVNSSLAuthentication
USERNAMESVNUserNameAuthentication

Parameters:
kind a credential kind
realm a repository authentication realm
url a repository location that is to be accessed
Returns:
the next try user credential
Throws:
org.tmatesoft.svn.core.SVNException
    public SVNAuthentication getNextAuthentication(String kindString realmSVNURL urlthrows SVNException;
    
    
Accepts the given authentication if it was successfully accepted by a repository server, or not if authentication failed. As a result the provided credential may be cached (authentication succeeded) or deleted from the cache (authentication failed).

Parameters:
accepted true if the credential was accepted by the server, otherwise false
kind a credential kind (PASSWORD or SSH or USERNAME)
realm a repository authentication realm
errorMessage the reason of the authentication failure
authentication a user credential to accept/drop
Throws:
org.tmatesoft.svn.core.SVNException
    public void acknowledgeAuthentication(boolean acceptedString kindString realmSVNErrorMessage errorMessageSVNAuthentication authenticationthrows SVNException;
    
    
Sets a specific runtime authentication storage manager. This storage manager will be asked by this auth manager for cached credentials as well as used to cache new ones accepted recently.

Parameters:
storage a custom auth storage manager
    public void setRuntimeStorage(ISVNAuthenticationStorage storage);
    
    
Checks whether client should send authentication credentials to a repository server not waiting for the server's challenge.

In some cases it may be necessary to send credentials beforehand, not waiting until the server asks to do it itself. To achieve such behaviour an implementor should return true from this routine.

Returns:
true if authentication credentials are forced to be sent;false when credentials are to be sent only in response to a server challenge
See also:
setAuthenticationForced(boolean)
    public boolean isAuthenticationForced();

    
Specifies the way how credentials are to be supplied to a repository server.

Parameters:
forced true to force credentials sending; false to put off sending credentials till a server challenge
See also:
isAuthenticationForced()
    public void setAuthenticationForced(boolean forced);
    
    
Returns a connection timeout value.

Parameters:
repository a repository access driver
Returns:
connection timeout value
Since:
1.1
    public long getHTTPTimeout(SVNRepository repository);
New to GrepCode? Check out our FAQ X