thanks for the response, alexander the extended svnkit library is a part of a project called Subversion-CAC that links to this page: http://www.forge.mil/Resources-Subversion.html#svnkit
the irony is that the project site is CAC protected. doing a quick comparison of the two libraries, it looks like they add a package called mil.forge.software.subversion.svnkit.util which contains a few files including a PKCS11Configurator which is referred to by org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager it's not clear to me, immediately, what rights i have to share their code without their permission ... and i guess it's not terribly clear what rights they have to keep me from sharing the code either. i will try to contact them and see how amenable they are to helping this cause. am i reading you correctly, to say that you welcome the idea? b On Mar 4, 2013, at 9:22 AM, Alexander Kitaev wrote: > Hello, > > SVNKit from trunk does support MSCAPI certificates with a sort of a > "hack" - when prompted for SSL client certificate, user have to > specify MSCAPI;ALIAS string. Then SVNKit will use CAPI and SunMSCAPI > providers to load certificate - it will use Window-MY keystore when > SunMSCAPI provider is available and CAPI store when CAPI provider is > available. As far as I understand, one of these providers and (or) > keystores have to be configured in JVM configuration to support CAC > cards. > > I didn't find a CAC fork of SVNKit you've mentioned, but it might be > that we already have changes from there integrated into SVNKit trunk. > Could you please share a link? > Thanks! > > Alexander Kitaev, > TMate Software, > http://subgit.com/ - Svn to Git Migration! > http://svnkit.com/ - Java [Sub]Versioning Library! > http://hg4j.com/ - Java Mercurial Library! > http://sqljet.com/ - Java SQLite Library! > > > On 26 February 2013 17:48, brian frew <brianf...@fastmail.fm> wrote: >> greetings svnkit users, >> >> i am a part of a fairly large team that just started using a CAC protected >> TeamForge site and i am trying to determine the best way for our developers >> to access the site. for the most part, we all use Eclipse which situates us >> perfectly to take advantage of the CollabNet Desktop plugin. however, a >> large majority of our developers are also linux (or mac) users, and it seems >> that since the native svn command line in linux OS flavors and Mac OSX is >> not CAC-enabled, the Desktop can't authenticate for subversion interaction. >> it is my understanding that Windows version of svn *is* CAC-enabled, which >> gives that subset of developers an easy road ahead. >> >> from what i can tell, it would be possible to get this setup working on the >> mac/linux side by substituting a SVNKit that is CAC-enabled for the JavaHL >> libraries ... and in fact, there seems to be a fork'd version of SVNKit out >> there called SVNKit-CAC. a lot of us are currently using a Java command >> line tool called jsvn-cac that uses the svnkit jars. >> >> i was wondering if there is any plan, thoughts or previous discussion about >> getting that CAC auth code into the main SVNKit build. i am assuming that >> this would allow us to use the Eclipse Marketplace to install CollabNet >> Desktop and SVNKit (CAC-enabled) to then get full Desktop functionality on >> our macs and linux boxes. >> >> thanks for reading, looking forward to any discussion this may bring >> b >> >> p.s. other solutions also welcome! >
