You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@continuum.apache.org by "Wendy Smoak (JIRA)" <ji...@codehaus.org> on 2009/06/20 05:06:15 UTC

[jira] Reopened: (CONTINUUM-2272) Able to add secured projects without credentials

     [ http://jira.codehaus.org/browse/CONTINUUM-2272?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Wendy Smoak reopened CONTINUUM-2272:
------------------------------------


Reopening for more info and docs/tests.

In step 1, where do you get the error?
 - when it tries to retrieve the pom?
 - when it tries to check out the source code?

In step 2, what does Continuum do with the credentials?  I think it
 - uses them for the HTTP GET to retrieve the pom
 - stores them in the database
 - uses them for the svn checkout
    ... and this will naturally cache the svn credentials for that svn repo for the user running Continuum.  (This always happens unless you put --no-cache-credentials on the command line.)

In step 4, what part succeeds that you think should fail?

I am currently working through the 16 combinations of the following yes/no questions to define the requirements for Continuum's behavior wrt cached credentials:
Q1. Were credentials provided when the project was added?
Q2. Was 'Use cached credentials if available' checked when the project was added?
Q3. Were there Subversion credentials cached for the user running Continuum prior to adding the project?
Q4. Were credentials provided during release prepare?


> Able to add secured projects without credentials
> ------------------------------------------------
>
>                 Key: CONTINUUM-2272
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-2272
>             Project: Continuum
>          Issue Type: Bug
>          Components: Core system
>    Affects Versions: 1.2
>            Reporter: Maria Catherine Tan
>            Assignee: Maria Catherine Tan
>             Fix For: 1.3.4
>
>
> 1. add a secured project without entering any credentials and do not click 'use scm credentials'
> 2. click add button
> --> Will have an authorization error while trying to add the project
> 3. Repeat steps above but this time with credentials
> --> Successfully added the project
> 4. Repeat steps #1&2 but this time choose a different group (continuum does not allow adding the same project to the same group)
> --> Successfully added the project
> #4 should still show an authorization error instead of successfully adding the project.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira