You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@continuum.apache.org by Ulrich Metzger <ul...@muehlgasse.de> on 2009/01/06 09:41:44 UTC
How to avoid subversion scm password in pom.xml?
Hi,
I;m using a subversion repository via SVN-DAV apache module. The access is
restricted using basic authentication.
Is there a way to avoid using the http access credentials in pom.xml? I
tried to place the credentials in settings.xml, but with no luck.
Does anyone know how to keep credentials out of the pom.xml, which gests
distributed when the source is checked out.
Uli
Re: How to avoid subversion scm password in pom.xml?
Posted by Wendy Smoak <ws...@gmail.com>.
On Tue, Jan 6, 2009 at 11:08 AM, Ulrich Metzger <ul...@muehlgasse.de> wrote:
> I noticed, that a svn call using the "Add project" form did NOT store any
> credentials in the .subversion/auth
> directory of the user.
When you add a project, it's not a svn call, it's just a http(s) GET,
like viewing a web page.
--
Wendy
Re: How to avoid subversion scm password in pom.xml?
Posted by Ulrich Metzger <ul...@muehlgasse.de>.
Hi Brent,
your suggestions helped me out of that problem. It seems to me, that this is
a subversion specivic
solution, because the svn client must be able to cache the credentials when
the first successful
login happens.
I noticed, that a svn call using the "Add project" form did NOT store any
credentials in the .subversion/auth
directory of the user. So i logged in as the user under which the continuum
application was running and
did a manually checkout, providing the correct username and password. Now
the credentials got cached
and the project build started with a correct initial checkout of the
sources.
This works for me now, but i have no idea why the caching did not work when
using the form to check out the pom.xml.
Uli
2009/1/6 Brent Atkinson <ba...@usm.maine.edu>
> First, I would check that the scm url in the pom indicates a URL
> that the credentials are authorized to access, especially if you
> are using path-based authorization. I have found that because
> the URL to add the project and pom's scm URL don't have to
> match, sometimes the initial checkout works, but when the scm
> URL is used it fails.
>
> If all that checks out, did you check the 'Use SCM Credentials
> Cache, if available' checkbox when you added the project?
>
> There are at least three events where the credentials must be
> provided:
>
> * Initial checkout
> * Subsequent updates
> * Releases
>
> Unless you have disabled subversion's credential caching for
> the user running continuum, you shouldn't have problems with
> the subsequent updates/releases. If you have disabled
> credential caching, make sure that there are cached creds
> that are authorized before you disable them, and make sure
> you check the 'Use SCM Credentials Cache, if available'
> checkbox for the project.
>
> HTH,
>
> Brent
>
>
> >>> "Ulrich Metzger" <ul...@muehlgasse.de> 1/6/2009 8:35 AM >>>
> thanks for your quick reply, but the problem is not the initial checkout
> of
> the pom.xml. After i checked out the pom like you described,
> the build fails with the following error:
>
> Provider message: The svn command failed.
> Command output:
>
> -------------------------------------------------------------------------------
> svn: PROPFIND request failed on '/subversion/xxxx/xxxxx'
> svn: PROPFIND of '/subversion/xxxx/xxxx': authorization failed
> (http://xxx.xxx.org)
>
> -------------------------------------------------------------------------------
>
> Uli
>
>
> 2009/1/6 Emmanuel Venisse <em...@gmail.com>
>
> > You can define username/password in the "Add project" form
> >
> > Emmanuel
> >
> > On Tue, Jan 6, 2009 at 9:41 AM, Ulrich Metzger <ul...@muehlgasse.de>
> > wrote:
> >
> > > Hi,
> > > I;m using a subversion repository via SVN-DAV apache module. The access
> > is
> > > restricted using basic authentication.
> > > Is there a way to avoid using the http access credentials in pom.xml? I
> > > tried to place the credentials in settings.xml, but with no luck.
> > > Does anyone know how to keep credentials out of the pom.xml, which
> gests
> > > distributed when the source is checked out.
> > >
> > > Uli
> > >
> >
>
Re: How to avoid subversion scm password in pom.xml?
Posted by Brent Atkinson <ba...@usm.maine.edu>.
First, I would check that the scm url in the pom indicates a URL
that the credentials are authorized to access, especially if you
are using path-based authorization. I have found that because
the URL to add the project and pom's scm URL don't have to
match, sometimes the initial checkout works, but when the scm
URL is used it fails.
If all that checks out, did you check the 'Use SCM Credentials
Cache, if available' checkbox when you added the project?
There are at least three events where the credentials must be
provided:
* Initial checkout
* Subsequent updates
* Releases
Unless you have disabled subversion's credential caching for
the user running continuum, you shouldn't have problems with
the subsequent updates/releases. If you have disabled
credential caching, make sure that there are cached creds
that are authorized before you disable them, and make sure
you check the 'Use SCM Credentials Cache, if available'
checkbox for the project.
HTH,
Brent
>>> "Ulrich Metzger" <ul...@muehlgasse.de> 1/6/2009 8:35 AM >>>
thanks for your quick reply, but the problem is not the initial checkout of
the pom.xml. After i checked out the pom like you described,
the build fails with the following error:
Provider message: The svn command failed.
Command output:
-------------------------------------------------------------------------------
svn: PROPFIND request failed on '/subversion/xxxx/xxxxx'
svn: PROPFIND of '/subversion/xxxx/xxxx': authorization failed
(http://xxx.xxx.org)
-------------------------------------------------------------------------------
Uli
2009/1/6 Emmanuel Venisse <em...@gmail.com>
> You can define username/password in the "Add project" form
>
> Emmanuel
>
> On Tue, Jan 6, 2009 at 9:41 AM, Ulrich Metzger <ul...@muehlgasse.de>
> wrote:
>
> > Hi,
> > I;m using a subversion repository via SVN-DAV apache module. The access
> is
> > restricted using basic authentication.
> > Is there a way to avoid using the http access credentials in pom.xml? I
> > tried to place the credentials in settings.xml, but with no luck.
> > Does anyone know how to keep credentials out of the pom.xml, which gests
> > distributed when the source is checked out.
> >
> > Uli
> >
>
Re: How to avoid subversion scm password in pom.xml?
Posted by Ulrich Metzger <ul...@muehlgasse.de>.
thanks for your quick reply, but the problem is not the initial checkout of
the pom.xml. After i checked out the pom like you described,
the build fails with the following error:
Provider message: The svn command failed.
Command output:
-------------------------------------------------------------------------------
svn: PROPFIND request failed on '/subversion/xxxx/xxxxx'
svn: PROPFIND of '/subversion/xxxx/xxxx': authorization failed
(http://xxx.xxx.org)
-------------------------------------------------------------------------------
Uli
2009/1/6 Emmanuel Venisse <em...@gmail.com>
> You can define username/password in the "Add project" form
>
> Emmanuel
>
> On Tue, Jan 6, 2009 at 9:41 AM, Ulrich Metzger <ul...@muehlgasse.de>
> wrote:
>
> > Hi,
> > I;m using a subversion repository via SVN-DAV apache module. The access
> is
> > restricted using basic authentication.
> > Is there a way to avoid using the http access credentials in pom.xml? I
> > tried to place the credentials in settings.xml, but with no luck.
> > Does anyone know how to keep credentials out of the pom.xml, which gests
> > distributed when the source is checked out.
> >
> > Uli
> >
>
Re: How to avoid subversion scm password in pom.xml?
Posted by Emmanuel Venisse <em...@gmail.com>.
You can define username/password in the "Add project" form
Emmanuel
On Tue, Jan 6, 2009 at 9:41 AM, Ulrich Metzger <ul...@muehlgasse.de> wrote:
> Hi,
> I;m using a subversion repository via SVN-DAV apache module. The access is
> restricted using basic authentication.
> Is there a way to avoid using the http access credentials in pom.xml? I
> tried to place the credentials in settings.xml, but with no luck.
> Does anyone know how to keep credentials out of the pom.xml, which gests
> distributed when the source is checked out.
>
> Uli
>