You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cordova.apache.org by "Patrick Mueller (JIRA)" <ji...@apache.org> on 2013/05/11 03:06:13 UTC
[jira] [Commented] (CB-3374) Weinre does not support authentication
of any form
[ https://issues.apache.org/jira/browse/CB-3374?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13655088#comment-13655088 ]
Patrick Mueller commented on CB-3374:
-------------------------------------
Basic Auth presumes https connections, so we will also have to arrange for folks to provide certs for https. At this point, I don't think we should ever support Basic Auth over http - only https.
Is this on the debug client, debug target, or both? If on the debug target, how do we go about prompting the user for the userid/password, and then how do we pass this via XHR to the weinre server? If it's not on the debug target, but only on the client, is that ok?
What capabilities do you get with the auth? If you authenticate to the server, does that mean you can see anyone's sessions on that server? Or just your own?
I'd like to see this fully fleshed out, with some use cases, before proceeding. Or a pull request. :-)
I'd also be willing to entertain handling auth via OpenId, OAuth, etc. Might be easier than Basic Auth (on the target anyway).
> Weinre does not support authentication of any form
> --------------------------------------------------
>
> Key: CB-3374
> URL: https://issues.apache.org/jira/browse/CB-3374
> Project: Apache Cordova
> Issue Type: New Feature
> Components: weinre
> Reporter: M Alix
> Assignee: Patrick Mueller
> Priority: Minor
> Labels: authentication, security
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> Weinre should support some form of authentication
> Development under this issue will add RFC 2617 Basic Authentication to Weinre
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira