Svnkit (1.10.1) not fully compatible with java11

I have a project i am working on at my university and we have collabnet there. I am trying to get the password from svn securely. Code:

import org.tmatesoft.svn.core.SVNURL
import org.tmatesoft.svn.core.wc.SVNWCUtil
import org.tmatesoft.svn.core.auth.ISVNAuthenticationManager
import org.tmatesoft.svn.core.SVNAuthenticationException
import org.tmatesoft.svn.core.auth.*

SVNPasswordAuthentication svnCredentials

try {
** svnCredentials =**
** SVNWCUtil.createDefaultAuthenticationManager().getFirstAuthentication(**
** ISVNAuthenticationManager.PASSWORD,**
** ‘<Collabnet_URL:443> Authorization Realm’,**
** SVNURL.parseURIEncoded( ‘Collabnet_URL’ ) )**
} catch ( SVNAuthenticationException e ) {
** throw new Exception( “Your credentials must have been saved in SVN. Please, connect with TortoiseSVN and check ‘Save authentication’”, e )**
}

But i always end up with the exception:
“Your credentials must have been saved in SVN. Please, connect with TortoiseSVN and check 'Save authentication”… Altough i saved the credentials locally

After i try to run a debug session using the full svnkit, i get the following:
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.tmatesoft.svn.core.internal.util.SVNSocketFactory (file:/J:/org.tmatesoft.svn_1.10.1.standalone/svnkit-1.10.1/lib/svnkit-1.10.1.jar)
to method sun.security.ssl.SSLSocketImpl.setHost(java.lang.String)
WARNING: Please consider reporting this to the maintainers of org.tmatesoft.svn.core.internal.util.SVNSocketFactory
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release

The same code runs with the java8 with svnkit 1.10.1 but with java11 it’s throws the exception. Can you please be so kind and suggest a solution for this problem?

Dear Saad,

thank you for pointing to this problem.

As you may see, the reason for the warning is “reflective access” used to call SSLSocket.setHost(String) method. This method is internal and may be present in some JDK version, but not in the others.

SSLSocketImpl.setHost method is called to workaround a bug in JDK that otherwise fails to set target host name as part of SSL client handshake (this feature is called SNI - server name identification).

For more information check these links:


Of course, we would like to avoid calling this internal method, but unfortunately it is required, as otherwise SNI SSL feature would not work with certain versions of JDK.

When method is not present, method call will fail, but socket creation will proceed without an error as all exception are caught at the call site.

I think you may hide the warning and allow reflective access by adding the following JVM option:

–add-opens java.base/sun.security.ssl=ALL-UNNAMED

Let me know how whether it works for you. Thanks!