You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@continuum.apache.org by "Brett Porter (JIRA)" <ji...@codehaus.org> on 2008/04/02 06:56:58 UTC
[jira] Updated: (CONTINUUM-1605) Continuum should not store the
userid or password if 'use cached credentials' is checked
[ http://jira.codehaus.org/browse/CONTINUUM-1605?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brett Porter updated CONTINUUM-1605:
------------------------------------
Fix Version/s: 1.2
> Continuum should not store the userid or password if 'use cached credentials' is checked
> ----------------------------------------------------------------------------------------
>
> Key: CONTINUUM-1605
> URL: http://jira.codehaus.org/browse/CONTINUUM-1605
> Project: Continuum
> Issue Type: Improvement
> Components: Database, SCM
> Affects Versions: 1.1
> Reporter: Wendy Smoak
> Fix For: 1.2
>
>
> Continuum is storing scm passwords in the database in plain text.
> If the 'use cached credentials' checkbox is checked, it should use the provided userid and password for the initial pom retrieval, and then discard them.
> (Continuum has the ability to use svn credentials that have been pre-cached on the build server, but when you add a project the first request for the pom is not a svn checkout, it's just an http/https GET.)
> Workaround: periodically remove the credentials from the database:
> update PROJECT set SCM_PASSWORD = "";
> update PROJECT set SCM_USERNAME = "";
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira