continuum-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rahul Thakur <>
Subject Re: Continuum and plain text passwords
Date Thu, 24 Apr 2008 03:43:06 GMT
Same thought. is a temporary file used by Maven; if for some reason 
it persists, we can choose not to display its contents.


Henry Isidro wrote:
> Would it be a good idea not to have it appear in the webapp UI while
> this password plaintext problem is not yet resolved?
> On Thu, Apr 24, 2008 at 10:28 AM, Wendy Smoak<>  wrote:
>> I'm still on a quest to get Continuum to stop storing passwords in
>>   plain text.  Olivier fixed CONTINUUM-1605 [1] so that the initial pom
>>   retrieval will discard the provided credentials if the 'use cached
>>   credentials' checkbox is checked.
>>   The latest problem is the file.  This file (which
>>   contains the scm password in plain text) gets written out to the
>>   working copy... which is then visible through the Web UI.  If all goes
>>   well, I think it's only there briefly, but if the release fails it may
>>   be left around.
>>   Any ideas on how to fix this one?
>>   [1]
>>   --
>>   Wendy

View raw message