continuum-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wendy Smoak (JIRA)" <>
Subject [jira] Reopened: (CONTINUUM-2272) Able to add secured projects without credentials
Date Sat, 20 Jun 2009 03:06:15 GMT


Wendy Smoak reopened CONTINUUM-2272:

Reopening for more info and docs/tests.

In step 1, where do you get the error?
 - when it tries to retrieve the pom?
 - when it tries to check out the source code?

In step 2, what does Continuum do with the credentials?  I think it
 - uses them for the HTTP GET to retrieve the pom
 - stores them in the database
 - uses them for the svn checkout
    ... and this will naturally cache the svn credentials for that svn repo for the user running
Continuum.  (This always happens unless you put --no-cache-credentials on the command line.)

In step 4, what part succeeds that you think should fail?

I am currently working through the 16 combinations of the following yes/no questions to define
the requirements for Continuum's behavior wrt cached credentials:
Q1. Were credentials provided when the project was added?
Q2. Was 'Use cached credentials if available' checked when the project was added?
Q3. Were there Subversion credentials cached for the user running Continuum prior to adding
the project?
Q4. Were credentials provided during release prepare?

> Able to add secured projects without credentials
> ------------------------------------------------
>                 Key: CONTINUUM-2272
>                 URL:
>             Project: Continuum
>          Issue Type: Bug
>          Components: Core system
>    Affects Versions: 1.2
>            Reporter: Maria Catherine Tan
>            Assignee: Maria Catherine Tan
>             Fix For: 1.3.4
> 1. add a secured project without entering any credentials and do not click 'use scm credentials'
> 2. click add button
> --> Will have an authorization error while trying to add the project
> 3. Repeat steps above but this time with credentials
> --> Successfully added the project
> 4. Repeat steps #1&2 but this time choose a different group (continuum does not allow
adding the same project to the same group)
> --> Successfully added the project
> #4 should still show an authorization error instead of successfully adding the project.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:


View raw message