Interface ISVNAuthenticationManager
-
- All Known Subinterfaces:
ISVNAuthenticationManagerExt
- All Known Implementing Classes:
BasicAuthenticationManager
,DefaultSVNAuthenticationManager
public interface ISVNAuthenticationManager
The ISVNAuthenticationManager is implemented by manager classes used by SVNRepository drivers for user authentication purposes.When an SVNRepository driver is created, you should provide an authentication manager via a call to:
import org.tmatesoft.svn.core.io.SVNRepository; import org.tmatesoft.svn.core.auth.ISVNAuthenticationManager; ... SVNRepository repository; ISVNAuthenticationManager authManger; ... repository.setAuthenticationManager(authManager); ...
SVNKit provides a default authentication manager implementation - org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager. This manager has got the following features:
- uses the auth storage from the default Subversion runtime configuration area;
- may use the auth storage in the directory you specify;
- uses the ssh, ssl & proxy options from the standard config and servers files;
- stores credentials in the in-memory cache during runtime;
If using the https:// protocol and if no user's authentication provider implementation is set to the default manager, server certificates are accepted temporarily and therefore are not cached on the disk. To enable server CAs caching, a user should set an authentication provider implementation which
acceptServerAuthentication()
method must returnISVNAuthenticationProvider.ACCEPTED
. That will switch on certificate on-the-disk caching.How to get a default auth manager instance see
SVNWCUtil
.- Since:
- 1.2
- Version:
- 1.3
- See Also:
SVNRepository
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
PASSWORD
A simple password credential kind ("svn.simple")static java.lang.String
SSH
An ssh credential kind ("svn.ssh")static java.lang.String
SSL
An ssl credential kind ("svn.ssl.client-passphrase")static java.lang.String
USERNAME
A simple username credential kind ("svn.username").
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
acknowledgeAuthentication(boolean accepted, java.lang.String kind, java.lang.String realm, SVNErrorMessage errorMessage, SVNAuthentication authentication)
Accepts the given authentication if it was successfully accepted by a repository server, or not if authentication failed.void
acknowledgeTrustManager(javax.net.ssl.TrustManager manager)
Acknowledges the specified trust manager.int
getConnectTimeout(SVNRepository repository)
Returns the connection timeout value in milliseconds whichrepository
should use in network connection operations.SVNAuthentication
getFirstAuthentication(java.lang.String kind, java.lang.String realm, SVNURL url)
Retrieves the first user credential.SVNAuthentication
getNextAuthentication(java.lang.String kind, java.lang.String realm, SVNURL url)
Retrieves the next user credential if the first try failed.ISVNProxyManager
getProxyManager(SVNURL url)
Returns a proxy manager that keeps settings for that proxy server over which HTTP requests are send to a repository server.int
getReadTimeout(SVNRepository repository)
Returns the read timeout value in milliseconds whichrepository
should use in socket read operations.javax.net.ssl.TrustManager
getTrustManager(SVNURL url)
Returns a manager which handles trust data for the specifiedurl
.boolean
isAuthenticationForced()
Checks whether client should send authentication credentials to a repository server not waiting for the server's challenge.void
setAuthenticationProvider(ISVNAuthenticationProvider provider)
Sets a custom authentication provider that will provide user credentials for authentication.
-
-
-
Field Detail
-
PASSWORD
static final java.lang.String PASSWORD
A simple password credential kind ("svn.simple")- See Also:
- Constant Field Values
-
SSH
static final java.lang.String SSH
An ssh credential kind ("svn.ssh")- See Also:
- Constant Field Values
-
SSL
static final java.lang.String SSL
An ssl credential kind ("svn.ssl.client-passphrase")- See Also:
- Constant Field Values
-
USERNAME
static final java.lang.String USERNAME
A simple username credential kind ("svn.username"). Only usernames are cached/provided matched against an appropriate realms (which are repository UUIDs in this case). In particular this kind is used infile:///
andsvn+ssh://
access schemes.- See Also:
- Constant Field Values
-
-
Method Detail
-
setAuthenticationProvider
void setAuthenticationProvider(ISVNAuthenticationProvider provider)
Sets a custom authentication provider that will provide user credentials for authentication.- Parameters:
provider
- an authentication provider
-
getProxyManager
ISVNProxyManager getProxyManager(SVNURL url) throws SVNException
Returns a proxy manager that keeps settings for that proxy server over which HTTP requests are send to a repository server.A default auth manager uses proxy settings from the standard servers file.
- Parameters:
url
- a repository location that will be accessed over the proxy server for which a manager is needed- Returns:
- a proxy manager
- Throws:
SVNException
-
getTrustManager
javax.net.ssl.TrustManager getTrustManager(SVNURL url) throws SVNException
Returns a manager which handles trust data for the specifiedurl
. Note: in pre-1.2.0 versionsISVNAuthenticationManager
used to provideISVNSSLManager
via a methodgetSSLManager()
which is now replaced by this one.ISVNSSLManager
is no longer used (replaced byTrustManager
).- Parameters:
url
- repository url- Returns:
- trust manager
- Throws:
SVNException
- Since:
- 1.2.0
-
getFirstAuthentication
SVNAuthentication getFirstAuthentication(java.lang.String kind, java.lang.String realm, SVNURL url) throws SVNException
Retrieves the first user credential. The scheme of retrieving credentials:- For the first try to authenticate a user to a repository (using the specifed realm) an SVNRepository driver calls getFirstAuthentication() and sends the retrieved credential.
- If the credential is accepted, it may be stored. If not, the driver
calls
getNextAuthentication()
and sends the next credential. - If the last credential was not accepted, the driver still tries to get the next credential for the same realm.
For each credential
kind
an implementor should return a kind-specific credential. The following table matches kinds to proper credential classes:Credential Kind Credential Class PASSWORD
SVNPasswordAuthentication
SSH
SVNSSHAuthentication
SSL
SVNSSLAuthentication
USERNAME
SVNUserNameAuthentication
- Parameters:
kind
- a credential kindrealm
- a repository authentication realmurl
- a repository location that is to be accessed- Returns:
- the first try user credential
- Throws:
SVNException
-
getNextAuthentication
SVNAuthentication getNextAuthentication(java.lang.String kind, java.lang.String realm, SVNURL url) throws SVNException
Retrieves the next user credential if the first try failed. The scheme of retrieving credentials:- For the first try to authenticate a user to a repository (using the
specifed realm) an SVNRepository driver calls
getFirstAuthentication()
and sends the retrieved credential. - If the credential is accepted, it may be stored. If not, the driver calls getNextAuthentication() and sends the next credential.
- If the last credential was not accepted, the driver still tries to get the next credential for the same realm.
For each credential
kind
an implementor should return a kind-specific credential. The following table matches kinds to proper credential classes:Credential Kind Credential Class PASSWORD
SVNPasswordAuthentication
SSH
SVNSSHAuthentication
SSL
SVNSSLAuthentication
USERNAME
SVNUserNameAuthentication
- Parameters:
kind
- a credential kindrealm
- a repository authentication realmurl
- a repository location that is to be accessed- Returns:
- the next try user credential
- Throws:
SVNException
- For the first try to authenticate a user to a repository (using the
specifed realm) an SVNRepository driver calls
-
acknowledgeAuthentication
void acknowledgeAuthentication(boolean accepted, java.lang.String kind, java.lang.String realm, SVNErrorMessage errorMessage, SVNAuthentication authentication) throws SVNException
Accepts the given authentication if it was successfully accepted by a repository server, or not if authentication failed. As a result the provided credential may be cached (authentication succeeded) or deleted from the cache (authentication failed).- Parameters:
accepted
- true if the credential was accepted by the server, otherwise falsekind
- a credential kind (PASSWORD
orSSH
orUSERNAME
)realm
- a repository authentication realmerrorMessage
- the reason of the authentication failureauthentication
- a user credential to accept/drop- Throws:
SVNException
-
acknowledgeTrustManager
void acknowledgeTrustManager(javax.net.ssl.TrustManager manager)
Acknowledges the specified trust manager. This method is called only when a secure connection is successfully established with the specifiedmanager
.- Parameters:
manager
- trust manager to acknowledge (one returned bygetTrustManager(SVNURL)
)- Since:
- 1.2.0
-
isAuthenticationForced
boolean isAuthenticationForced()
Checks whether client should send authentication credentials to a repository server not waiting for the server's challenge.In some cases it may be necessary to send credentials beforehand, not waiting until the server asks to do it itself. To achieve such behaviour an implementor should return true from this routine.
- Returns:
- true if authentication credentials are forced to be sent;false when credentials are to be sent only in response to a server challenge
-
getReadTimeout
int getReadTimeout(SVNRepository repository)
Returns the read timeout value in milliseconds whichrepository
should use in socket read operations. Socket read operations will block only for this amount of time.- Parameters:
repository
- a repository access driver- Returns:
- connection timeout value
- Since:
- 1.2.0
-
getConnectTimeout
int getConnectTimeout(SVNRepository repository)
Returns the connection timeout value in milliseconds whichrepository
should use in network connection operations.- Parameters:
repository
- repository access object- Returns:
- connection timeout value in milliseconds which will be set to a socket
- Since:
- 1.2.0
-
-