Return-Path: Delivered-To: apmail-continuum-issues-archive@www.apache.org Received: (qmail 44824 invoked from network); 14 Apr 2008 22:42:30 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 14 Apr 2008 22:42:30 -0000 Received: (qmail 95688 invoked by uid 500); 14 Apr 2008 22:42:31 -0000 Delivered-To: apmail-continuum-issues-archive@continuum.apache.org Received: (qmail 95664 invoked by uid 500); 14 Apr 2008 22:42:31 -0000 Mailing-List: contact issues-help@continuum.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@continuum.apache.org Delivered-To: mailing list issues@continuum.apache.org Received: (qmail 95655 invoked by uid 99); 14 Apr 2008 22:42:31 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 14 Apr 2008 15:42:31 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [63.246.2.115] (HELO codehaus01.managed.contegix.com) (63.246.2.115) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 14 Apr 2008 22:41:39 +0000 Received: from codehaus01.managed.contegix.com (localhost.localdomain [127.0.0.1]) by codehaus01.managed.contegix.com (Postfix) with ESMTP id B1B0D14A803B for ; Mon, 14 Apr 2008 17:41:59 -0500 (CDT) Message-ID: <4294237.1208212918470.JavaMail.haus-jira@codehaus01.managed.contegix.com> Date: Mon, 14 Apr 2008 17:41:58 -0500 (CDT) From: "Olivier Lamy (JIRA)" To: issues@continuum.apache.org Subject: [jira] Closed: (CONTINUUM-1605) Continuum should not store the userid or password if 'use cached credentials' is checked MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ http://jira.codehaus.org/browse/CONTINUUM-1605?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Olivier Lamy closed CONTINUUM-1605. ----------------------------------- Assignee: Olivier Lamy Resolution: Fixed fixed in rev 648038. > Continuum should not store the userid or password if 'use cached credentials' is checked > ---------------------------------------------------------------------------------------- > > Key: CONTINUUM-1605 > URL: http://jira.codehaus.org/browse/CONTINUUM-1605 > Project: Continuum > Issue Type: Improvement > Components: Database, SCM > Affects Versions: 1.1 > Reporter: Wendy Smoak > Assignee: Olivier Lamy > Fix For: 1.2 > > > Continuum is storing scm passwords in the database in plain text. > If the 'use cached credentials' checkbox is checked, it should use the provided userid and password for the initial pom retrieval, and then discard them. > (Continuum has the ability to use svn credentials that have been pre-cached on the build server, but when you add a project the first request for the pom is not a svn checkout, it's just an http/https GET.) > Workaround: periodically remove the credentials from the database: > update PROJECT set SCM_PASSWORD = ""; > update PROJECT set SCM_USERNAME = ""; -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira