Hello Brian, > it's not clear to me, immediately, what rights i have to share their code > without their permission ... and i guess it's not terribly clear what rights > they have to keep me from sharing the code either. i will try to contact > them and see how amenable they are to helping this cause. am i reading you > correctly, to say that you welcome the idea?
SVNKit might not be used in closed source projects, neither SVNKit forks might be closed source (unless SVNKit is licensed commercially). > it's not clear to me, immediately, what rights i have to share their code > without their permission ... and i guess it's not terribly clear what rights > they have to keep me from sharing the code either. i will try to contact > them and see how amenable they are to helping this cause. am i reading you > correctly, to say that you welcome the idea? Yes, sure. However, as I wrote before we already made CAC-related fixed that (some of the) CAC users were satisfied with. Wouldn't these work for you too? I think that in order to use CAC with Java applications you need to configure special security provider on the JVM level, then SVNKit might just work. Alexander Kitaev, TMate Software, http://subgit.com/ - Svn to Git Migration! http://svnkit.com/ - Java [Sub]Versioning Library! http://hg4j.com/ - Java Mercurial Library! http://sqljet.com/ - Java SQLite Library! On 7 March 2013 22:32, brian frew <brianf...@fastmail.fm> wrote: > thanks for the response, alexander > > the extended svnkit library is a part of a project called Subversion-CAC > that links to this page: > http://www.forge.mil/Resources-Subversion.html#svnkit > > the irony is that the project site is CAC protected. > > doing a quick comparison of the two libraries, it looks like they add a > package called mil.forge.software.subversion.svnkit.util which contains a > few files including a PKCS11Configurator which is referred to by > org.tmatesoft.svn.core.internal.io.dav.http.HTTPSSLKeyManager > > it's not clear to me, immediately, what rights i have to share their code > without their permission ... and i guess it's not terribly clear what rights > they have to keep me from sharing the code either. i will try to contact > them and see how amenable they are to helping this cause. am i reading you > correctly, to say that you welcome the idea? > > b > > On Mar 4, 2013, at 9:22 AM, Alexander Kitaev wrote: > > Hello, > > SVNKit from trunk does support MSCAPI certificates with a sort of a > "hack" - when prompted for SSL client certificate, user have to > specify MSCAPI;ALIAS string. Then SVNKit will use CAPI and SunMSCAPI > providers to load certificate - it will use Window-MY keystore when > SunMSCAPI provider is available and CAPI store when CAPI provider is > available. As far as I understand, one of these providers and (or) > keystores have to be configured in JVM configuration to support CAC > cards. > > I didn't find a CAC fork of SVNKit you've mentioned, but it might be > that we already have changes from there integrated into SVNKit trunk. > Could you please share a link? > Thanks! > > Alexander Kitaev, > TMate Software, > http://subgit.com/ - Svn to Git Migration! > http://svnkit.com/ - Java [Sub]Versioning Library! > http://hg4j.com/ - Java Mercurial Library! > http://sqljet.com/ - Java SQLite Library! > > > On 26 February 2013 17:48, brian frew <brianf...@fastmail.fm> wrote: > > greetings svnkit users, > > > i am a part of a fairly large team that just started using a CAC protected > TeamForge site and i am trying to determine the best way for our developers > to access the site. for the most part, we all use Eclipse which situates us > perfectly to take advantage of the CollabNet Desktop plugin. however, a > large majority of our developers are also linux (or mac) users, and it seems > that since the native svn command line in linux OS flavors and Mac OSX is > not CAC-enabled, the Desktop can't authenticate for subversion interaction. > it is my understanding that Windows version of svn *is* CAC-enabled, which > gives that subset of developers an easy road ahead. > > > from what i can tell, it would be possible to get this setup working on the > mac/linux side by substituting a SVNKit that is CAC-enabled for the JavaHL > libraries ... and in fact, there seems to be a fork'd version of SVNKit out > there called SVNKit-CAC. a lot of us are currently using a Java command > line tool called jsvn-cac that uses the svnkit jars. > > > i was wondering if there is any plan, thoughts or previous discussion about > getting that CAC auth code into the main SVNKit build. i am assuming that > this would allow us to use the Eclipse Marketplace to install CollabNet > Desktop and SVNKit (CAC-enabled) to then get full Desktop functionality on > our macs and linux boxes. > > > thanks for reading, looking forward to any discussion this may bring > > b > > > p.s. other solutions also welcome! > > >
