- Supported system properties and configuration options
Supported system properties and configuration options
This section contains information on configuring the SVNKit library - in order that one can adjust the library up to his individual wishes. Here you will find information on what configuration files SVNKit uses during runtime, what system properties are used in that case when config files are not available, and so on.
HTTP proxy setup
Default configuration area is located at ~/.subversion on Linux and OS X and at C:\Documents and Settings\userName\Application Data\Subversion on Windows. You may read more on Subversion client configuration files in the Subversion Book.
SVN+SSH authentication with Subclipse
If you're using SVNKit with Subclipse version 0.9.37 or newer there is no need to use system properties to define SSH credentials, Subclipse will automatically prompt you for private key or password during establishing SSH connection.
SVN+SSH authentication with private key
By default SVNKit tries to obtain all necessary information from the [tunnels] section of the config file that is located in the default SVN run-time configuration area. However if that information is not complete or not found at all, SVNKit tries then to use predefined system properties listed beneath.
SVNKit uses a pure java Ganymed library to establish SSH connections. This library supports only SSH version 2, with password or private key authentication. You may use the following system properties to let SVNKit know about your private key and passphrase:
svnkit.ssh2.key = /path/to/private/key/file svnkit.ssh2.username = userName svnkit.ssh2.passphrase = optionalPassphrase svnkit.ssh2.password = userpassword svnkit.ssh2.port = optionalPort
SVN+SSH authentication with private key in Eclipse
When starting Eclipse you can provide the above properties like this:
$ eclipse -vmargs \ -Dsvnkit.ssh2.key=/path/to/private/key/file \ -Dsvnkit.ssh2.username=userName \ -Dsvnkit.ssh2.passphrase=optionalPassphrase \ -Dsvnkit.ssh2.password=userpassword \ -Dsvnkit.ssh2.port=optionalPort
Note: a user name for an ssh connection will be taken from SVN Repository properties.
... svnkit.ssh2.key=path/to/private/key/file svnkit.ssh2.passphrase=passphrase svnkit.ssh2.username=username svnkit.ssh2.password=userpassword svnkit.ssh2.port=port
SVNKit uses SSL support included into JDK. Some JDK versions don't support SSL server certificates longer than 1024 bytes or don't support certain Cypher Suites. If you're experiencing problems accessing a Subversion repository over SSL connection (via https protocol) consider using the latest JDK version and upgrading the JDK JCE package (Cryptotgraphic Extension) to an "unlimited strenght" one. Read this article for more details on how to install JCE.
Trusting SSL Certificates
- by default trusts all SSL servers, though it doesn't cache server certificates;
- or uses a default JDK certificates storage to get SSL certificates of the trusted servers;
and additionally it uses authority certificate files listed in the Subversion servers configuration file in these options:
### 'ssl-authority-files' is a semicolon-delimited list of files, ### each pointing to a PEM-encoded Certificate Authority (CA) ### SSL certificate. ssl-authority-files = /path/to/CAcert.pem;/path/to/CAcert2.pem ### 'ssl-trust-default-ca' Trust the system 'default' CAs ssl-trust-default-ca = yes
Client SSL authentication
In the Subversion servers configuration file you can specify your SSL authentication certificate files for a specific group:
ssl-client-cert-file= PKCS#12 format client certificate file ssl-client-cert-password= Client Key password, if needed.
Read more information on this options in the Subversion book.
Also you can set the following system properties to define global SSL authentication certificate files:
svnkit.ssl.client-cert-file= PKCS#12 format client certificate file svnkit.ssl.client-cert-password= Client Key password, if needed.
HTTP authentication cache
To disable caching of any authentication data during HTTP operations you can provide the following property:
By default SVNKit keeps user credentials
Working copy upgrade
By default any write operation on a working copy upgrades it to the most recent format, currently it is subversion 1.5 working copy format. You can disable this behavior by specifying the system property:
svnkit.upgradeWC = false
It also may be helpful for you to read this article concerned with working copy format