continuum-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wendy Smoak (JIRA)" <j...@codehaus.org>
Subject [jira] Created: (CONTINUUM-1605) Continuum should not store the password at all if 'use cached credentials' is checked
Date Mon, 17 Dec 2007 18:47:57 GMT
Continuum should not store the password at all if 'use cached credentials' is checked
-------------------------------------------------------------------------------------

                 Key: CONTINUUM-1605
                 URL: http://jira.codehaus.org/browse/CONTINUUM-1605
             Project: Continuum
          Issue Type: Improvement
          Components: Database, SCM
    Affects Versions: 1.1
            Reporter: Wendy Smoak


Continuum is storing scm passwords in the database in plain text.

If the 'use cached credentials' checkbox is checked, it should use the provided password for
the initial pom retrieval, and then discard it.

(Continuum has the ability to use svn credentials that have been pre-cached on the build server,
but when you add a project the first request for the pom is not a svn checkout, it's just
an http/https GET.)

Workaround:  periodically remove the passwords from the database:
update PROJECT set SCM_PASSWORD = "";

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message