For some reason, no matter how I go about it, I cannot get TortoiseSVN to add an Author to Log Messages.
Currently we connect to a PC running svnserve, so it's not a file:// Address.
We have tried using svn://Username#svnAddress, svn://svnAddress
Even setting svn:keywords $Author: AuthorName$
I was under the impression that TortoiseSVN would use the windows login name, prior to upgrading from a file based repo, these did show.
Note: We are also connecting to a domain, if this would affect anything.
also, no hook scripts are in play and the svnserve.conf is default.
SVN Server is using SVN Version 1.5.1 (x86), Windows Server 2003.
Clients are using latest version of Tortoise, both x86 and x64.
Any help would be much appreciated.
Ohh and the SVN is used for source code, so it is programming related :) (well semi related anyway)
The svn: protocol, by default, does not do any authentication, and consequently, no identification of the remote user. As TortoiseSVN does not need to authenticate, no user gets logged.
The SVN keywords don't have to do much with this: If you put $Author$ in a file, it will expand to the author of the commit, rather than setting the user. In the keyword syntax, there is no support for colons.
So if you want to authenticate with svnserve, you should first set anon-access to none or read, to force an authentication prompt. You then need to setup a password database; svnserve has only support for CRAM-MD5 builtin. I recommend you try to get this working first, handing out new passwords to all users. Alternatively, you can try to setup SASL, which would then allow for NTLM authentication - provided you can get SASL to work on your system.
Yet alternatively, you can switch to a different protocol. If, by "PC", you mean "Windows", then I guess the ssh-based protocol is ruled out. That leaves http(s); it should be possible to set up Apache on Windows with NTLM authentication, so that the NTLM user appears as the svn author.
Related
I am able to perform all git operations via git command line (Terminal),But via Xcode causes an authentication error "Enter your credentials for the repository"
Since this work with Xcode 6.4 but not in Xcode8.3. This may happens cause XCode 7 doesn't support Windows Authentication. It seems to be a common problem amongst users because there are many posts about it in google.
To make it all work you should enable Basic Authentication in your IIS TFS website on "tfs" virtual folder.
Be careful though because basic authentication sends your credentials over network as plain text. Highly recommend you use SSL in this case.
The steps to setup SSL are described in details in the
docs.
Here
you can find what is required to configure Basic Authentication.
A couple of caveats:
username should be entered in domain\user format
do not enable Basic Authentication on the default non-SSL site
Source Link
Also suggest you use Git Credential Manager for Mac and Linux to store credentials for Git version control.
After successfully running subversion for years on a Windows 2008 server, I recently moved to Windows 8.1, mainly because the machine does also serve videos to my home network (works fine) and because Windows 8 provides better energy saving on my platform than Windows 2008 server did. So far, so good.
Then I tried to re-install Subversion. I intend to use the built-in server application svnserve.exe. I downloaded the latest windows package, installed it (success), and configured a service (svnserve --service ...) which I can successfully start using the Windows Service Management Console. Port 80 is already taken by a different application, so I let subversion pick 3690, which is fine for me. I used netstat to confirm that svnserve.exe is bound to port TCP:3690, which is listed OK. Just to clear one potential roadblock I also disabled the Windows firewall.
Then I created a sample repository named "test" using svnadmin locally, success as well, a subversion file structure appeared on the harddisk.
Problems arise when I try to access the repository using my local browser (Firefox), an attempt to connect to URLs
http://127.0.0.1:3690[/svn|/svn/test]
all three give me the same cryptical response:
( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries commit-revprops depth log-revprops atomic-revprops partial-replay inherited-props ephemeral-txnprops file-revs-reverse ) ) )
Somehow I have expected a subversion GUI instead.
Connecting from a remote machine via browser reveals the same useless line of text.
Connecting from a remote machine using my usual Tortoise client gives the message:
Unable to connect to a repository at URL 'http://xxx.xxx.xxx.xxx:3690/svn/test
Error running context: The server unexpectedly closed the connection
I tried to add the --log-file option to svnserve, and indeed a log file appears once I start the service, but it is empty and it remains empty.
Trying to use svnserve -X instead of running it as a service reveals the exact same behavior.
Seems I am stuck. Anyone who has an idea what I can do to get that thing working?
Just to help out another beginner running into the same problem ... I finally found the problem: I simply used the wrong client, svnserve does not support web browsers. Using the Tortoise client, and providing the correct prefix (svn:127.0.0.1/...) was all I had to do.
The long version:
If one wants to work with the simple, reliable, fast, but plain-text and proprietary protocol based) svnserve service, he needs to use a proprietary client, like Tortoise, and the svn: prefix instead of http/https:, and no port, like
svn://mysvnserver/testrepo
If needed, one may even reconfigure svnservice to use authentication and encryption later. svnserve isn't supporting web browsers, if one tries to access svnserve using a web browser like I did he gehts the internals of the svn protocol dumped to the screen.
If one wants to use his web browser, http/https protocol, and niceties, like a user friendly browser based interface and some remote administration capabilities, he must not use svnserve, but install a web server service (like apache) and configure if for use with subversion.
So in the end my problem had nothing to do with Windows 8. It just has slipped from my mind that years ago I went the apache path, while now I decided that the built-in svnserve service was good enough for my needs.
Armin.
I am forced to use a visual-svn-server that is located in our windows domain. The problem is that it is super slow to use with windows client. Weird thing is that the same repository is very fast with linux client. The difference is like 3sec vs 90sec. I know somebody should fix the server, rather than me trying to fix the client, but i have no change of doing that.
So, to debug the problem I did some package capture with wireshark and it seems like windows, when doing 'svn up' (on up to date repository) does quite much ldap-negotiations before actually talking again with the actual svn-server. This takes time. Linux svn client when doing 'svn up' is not doing any ldap calls. The problem is not on my machine, but on all my colleagues windows clients too.
I tried forcing the svn client to 'basic' auth with configuration option http-auth-types (http://svnbook.red-bean.com/en/1.7/svn.advanced.confarea.html), but it didnt help. I figured that would be basic, no ldap, http-basic-auth. I am able to confirm that the setting is included, since setting it to 'digest' says that authentication method is not available. But even that takes about 60s, so my guess is that its doing the ldap-wacko stuff before trying to do the authentication.
The subversion client i am using is 1.8 serie from tortoise svn official build. I did try also slicksvn client and it did have the same problem. The svn versions shows ra_serf is handling the https requests and my repository is visual-svn server located at https://my_server_intra_dns_name/
When opening the address with browser, its again fast as it should, so problem should not be with dns or similar.
I am linux guy, so i am bit lost with windows, but does anybody have an idea wtf is going on here?
---- edit ----
I had also linux as guest operating system on the windows host, and inside that linux doing svn up was about 3s, compare that to native windows 'svn.exe up' that took over minute !
If a Windows machine has a limited connectivity to the Internet, then you may notice the delay when running Subversion client command's against a remote repository over HTTPS.
Using a traffic analyzer you can notice, that the delay happens when Windows attempts to access ctldl.windowsupdate.com and gets a timeout. Windows attempts to access ctldl.windowsupdate.com to check Certificate Trust List (i.e. Certificate Revocation List). With limited Internet connectivity, Windows may be unable to access it thus resulting in these delays.
If it's not your case, then I suggest contacting VisualSVN's support team for investigation.
In my case it was due ot Windows proxy settings - that you set in IE (I use TortoiseSVN client, and Visual SVN Server was set to use basic authentication).
After I've set up IE proxy settings accordinlgy (automatic for me, but for you it might be something different) initial delay was gone.
It helped even though the svn server is on local LAN and I have checked with Wireshark if the traffic goes over proxy. In Tortoise I have proxy disabled. Why it helped with my issue - no idea.
The initial delay I had was 11-13 seconds. Now next to none.
And I am not using ssh client.
Go to http(s) location of your SVN server using your browsers: IE, Fireofx, whatever, and if the response is quick then it is very possible that is an svn client problem, or due to some similar settings (similar to your browser settings).
For instance IE was slow (IE was set up for local connection only previously), Firefox (with proper proxy settings) was OK - and SVN server IS local (sounds like some sort of network/firewall/routing issue to me, but proxy settings helped me).
We already had a secured VPN using OpenVPN, so we don't want to use Git with SSH to avoid double encryption.
I successfully set up Bonobo Git Server on IIS 7 on Windows 2008 RC2 and created an repository. But when I tried to clone that repository from my laptop using Git GUI, it kept asking me username and password repetitively although I gave it the correct username and password created on Bonobo Server.
When I intentionally gave it incorrect credentials, it threw an expected authentication error.
Do you have any advice for me so I can connect to Git Server? Is it due to the lack of SSH keys?
As far as I can see, Bonobo offers three different authentication mechanisms: Forms, Basic, and Windows authentication. None of these involve SSH, so no, you are not using SSH and you don’t need SSH keys to make this work. SSH is just one mechanism that is commonly used for Git servers (simply because they run on Linux machines, and SSH access is very common there).
Bonobo uses the forms authentication by default. I believe you cannot preset the login information anywhere so you don’t have to enter it over and over again. You can do that with basic authentication though by changing the remote URL to include the credentials (e.g. http://user:password#bonobo-server/project.git). Of course, this will put the credentials in clear text into the repository’s configuration file, and also send the password in clear text over the network. The VPN connection will prevent someone outside of the VPN connection reading out that password, but inside of the VPN connection it is sent as clear text, so keep that in mind.
The more secure way would be Windows authentication. It uses your Windows login to authenticate at the server, and you won’t need to store your password somewhere. To Windows, it’s the “natural” authentication system, just like SSH is to Linux.
I was successful with poke's suggestion in his comment, which is utilizing a shared folder pointing to a remote bare repository.
I heard that on Windows you can login from a web browser to the web server without going through the usual login entering username and password but using instead the credentials from Windows directly, using the NTLM protocol.
How is this achieved? Does the web server need to support some additional authentication?
Update: I'm asking for a generic web server, not just IIS. How to do that on Apache for instance?
The webserver just needs to be configured to support Windows authentication (which will be NTLM, or - better - Kerberos if both client and server are W2K or later). I believe that IIS or Apache can be configured to do that.
The browser also has to support this - at least IE does so (not sure about the others, it may be possible). edit: looks like firefox has some support for this too, and safari on MacOS
edit: for details on apache, google modules for NTLM authentication. Kerberos modules also exist. as per other answers, this really only works on an Intranet - not just because the browser needs to be in an Intranet zone (only applies to IE), but because any intervening firewall will typically stop this working, and because the necessary interdomain trusts will probably not exist. It's also a bit trickier to make work if the apache server is on UNIX, and especially if you also have Kerberos servers on UNIX in the mix, but still possible.
It will only be seamless in a specific situation; namely the webserver needs to support NTLM (for example, IIS), and it needs to be in a zone that the client is configured to trust (The "Intranet Zone" in IE parlance, unless the end user has tweaked their settings)
If your webserver and client pc's are on a network secured by Active Directory or similar, you can set 'Windows Integrated Security' in IIS on the web server for the website which automatically logs in all I.E clients (That are allowed).
As stated previously, NTLM is typically used if your back end is Windows Managed (MS Active Directory). However, there are also modules available for Apache that will tie into this: mod_ntlm.
Since this is it's own protocol, it is required that the browser is able to understand this protocol and reply to the authentication challenges. I don't know which browsers support this off hand, but my assumption would be that most do.
From my experience, kerberos is more of a prefered method, but I have not worked with it much, so unfortunately, I don't have much advise as far as that goes.
On a side note, I recall reading somewhere that the JRE also has ways of tying into NTLM on your web server in order to obtain identity information for the authenticated user. As stated previously, .NET has support for this as well.
Also, Firefox does not support NTLM by default but it can be configured using the following tut: http://www.crossedconnections.org/w/?p=89
If you set the IIS settings to require authentication then your users will need to log in to access the page. They then have any rights (if not an interface) to anything on that server that they would if they logged in the normal way (from the console).
Other than this, I am not sure what you are referring to.
Yes this is possible. It is often used in intranet applications where users are. windows uses NTLM or Kerberos to authorize the user against a central service, typically Active Directory on the windows platform. On the .NET platform the current user information can be accessed through the System.Threading.Thread.CurrentPrincipal.Identity instance.
You might also want to look into Jespa. It seems a little bit more straight forward than Kerberos but provides good ntlm sso capabilities.
I was looking for more information about Kerberos (because NTLM, even v2, become deprecated with AD 2008), and I found this article, explaining how make it work with Apache (as you mentionned it).
http://blog.scottlowe.org/2006/08/10/kerberos-based-sso-with-apache/
This question is probably outdated (or at least solved), but if it can help someone ...