Redmine

My favorite feature of Redmine is the ability to easily view change sets for any given branch in any given release. I ran into an issue when setting up a VisualSVN repository that controls user access through Integrated Windows Authentication. This post is meant to help anyone who runs into this issue. Below I review my experience in three sections: the goal, the problem, the solution (skip to solution for answer).

The Goal: Setting up Redmine to view a VisualSVN repository
Recently, I began building a new repository code base on a Windows 2012 virtual server using VisualSVN (If you ever decide to transition to Subversion, and are looking for an easy way to set up and manage your SVN repositories, I can say that VisualSVN makes that task simple). After setting up a couple of repositories to test out, I installed Redmine and created project tabs for a couple of projects. I personally like to have a project tab created for Production and QA to track the history of what I have in each environment. Going to a properly filled out RFC will give you information about a current change, but it is not going to give you information about code history upon which a change set was built. So I install Redmine using the Bitnami stack. I set up my projects, groups, LDAP connection and some users. For the repositories I set it up to connect through a Service Account set up in the active directory (so I never have to worry about the password expiring).

The Problem: 404 The entry or revision was not found in the repository
When I click on the repository tab I am unable to connect to the repository. Frustration immediately sets in. I've done this a thousand times, what's the problem. So I set out to Google the solution. All the posts I find refer to resolving issues with the SSL trusted certificate. But I already know its not the issue. I can connect the repository when VisualSVN is set to authenticating user access through either Subversion side verification or Basic Active Directory sign on. But I want to use Integrated Windows Authentication so that users are automatically signed on with the AD credentials they used to sign onto the network. Still I do my due diligence and add the "--trust-server-cert --no-auth-cache" command to my Redmine subversion_adapter.rb file. As expected it did not work. So I refine my search values to find my answer.

The Solution: --config-option=servers:global:http-auth-types=basic
VisualSVN defaults to the more secure Integrated Windows Authentication. To allow a client like Redmine to view a repository, you must updated the subversion_adapter.rb file to include --config-option=servers:global:http-auth-types=basic.

So where is this file? In my case I found the file at
C:\Bitnami\redmine-3.0.3-0\apps\redmine\htdocs\lib\redmine\scm\adapters\subversion_adapter.rb

I opened the file in notepad++ and searched for
def credentials_string

Edit this section to add the command. When you are done it should look like this:

def credentials_string
          str = ''
          str << " --username #{shell_quote(@login)}" unless @login.blank?
          str << " --password #{shell_quote(@password)}" unless @login.blank? || @password.blank?
          str << " --trust-server-cert --no-auth-cache --non-interactive --config-option=servers:global:http-auth-types=basic" 
          str
        end

As I learned from a post by Pavel Lyalyakin of the VisualSVN Team, "When you have Basic and Integrated Windows Authentication both enabled, Subversion client by default prefers advanced authentication mechanisms (NTLM\Negotiate(Kerberos or NTLM) to Basic authentication. In order to instruct client to authenticate via Basic by providing username and password, you should append the" --config-option=servers:global:http-auth-types=basic "argument to a command line."

I love it when I finally find an easy answer to my question. The post was originally geared toward a question for automating Jenkins, which I will be exploring soon. But the answer is good for any client application that runs as a service. I hope this helps someone out there.