Svn: E170001: Authentication required

sonarqube
scanner

(Günter Wirth) #1

Hi,

trying to enable SCM I get:

Error when executing blame for file
svn: E170001: Authentication required ...

Question 1: In case scanner and server are running on different machines with different users which user need SVN access rights? User on scanner side or user on server side?

Question 2: In case I add no user/password to configuration which default user is used to try access?

Thanks in advance.

Regards,
Günter


(G Ann Campbell) #2

Hi Guenter,

It’s the scanner side that’s making the requests, so that user needs permission. Are you using Git? On Linux? There’s some information in the docs about troubleshooting blame problems.

 
Ann


(Günter Wirth) #3

Hi Ann,

Thanks for your fast answer. We are using on client (scanner) side:

  • Windows 7
  • SVN
  • sonar-scanner-3.0.3.778
  • SQ 6.7.4
  • Svn Integration 1.8.0.1168

The user starting the scanner has SVN access rights. Our configuration is empty (contains no sonar.svn.username, sonar.svn.password.secured). That was the reason for the second question with the default user the scanner is using?

Regards,
Günter


(G Ann Campbell) #4

Hi Guenter,

Your checkout is using explicit credentials? If so, you’ll need to provide explicit credentials for the blame operation. Alternately, I have a dusty old memory of setting something up in the analysis machine on the user. This may be relevant.

 
Good luck,
Ann


(Günter Wirth) #5

Hi Ann,

With this point we have taken a step forward. We have to set parameter below in %APPDATA%\Subversion\servers (in the ‘global’ section) on the machine the scanner is running

http-auth-types = NTLM
or
http-auth-types = Basic

Maybe helps someone…

Regards,
Günter


(G Ann Campbell) #6

Thanks for the followup!


(Günter Wirth) #7

Hi Ann,

I have still some questions to this: Why does SVN need a user / password?

My local user have full access to the SVN repository. Starting the scanner on the client machine also the scanner process is running with this local account. Why can’t the scanner access the SVN blame information (without explicit user/psw settings on the server)?

Some thoughts for default:

  • Use local user account as default?
  • Or user assigned to the process/service running the analysis as default?
  • In case I’m calling the scanner with a token (instead of user/psw) the scanner could use on client side the credentials assigned to this user as default to get the SVN blame information?

The current solution is to set user/psw:

  • Global for all projects. Is a problem if sources are from different repositories.
  • Local per project. Is difficult to maintain. In case a password is changing you have to change it in all projects manually.

Are there any ideas how to improve this?

Regards,
Günter


(G Ann Campbell) #8

Hi Guenter,

If you filled in SCM credentials via the UI, I believe they’d be used for this step, but as to why you have to provide them explicitly, I really don’t know.

 
Ann