You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Jeff Jensen (JIRA)" <ji...@codehaus.org> on 2008/12/04 23:51:19 UTC
[jira] Commented: (SCM-415) 1.1 requires setting a Perforce
password breaking Perforce setup for external authentication
[ http://jira.codehaus.org/browse/SCM-415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=156862#action_156862 ]
Jeff Jensen commented on SCM-415:
---------------------------------
I am adding this comment to hopefully provide additional Perforce context.
Basically, the Maven SCM Perforce provider always requires a userid and password; it always passes them on the command line using the -u -P arguments. This causes an unsolvable problem for many Perforce installations.
Since 2003, Perforce has a login feature that does not use userid and password specified with the command (args -u and -P, respectively). In fact, the highest Perforce security level prevents specifying the password on the command line and requires using the login feature.
Perforce has 4 security levels, numbered 0 through 3. They are defined here:
http://www.perforce.com/perforce/doc.081/manuals/p4sag/03_superuser.html#1081537
Security levels 0-2 allow the specification of the password on the command line. Security level 3 only allows access via the login feature.
If the Perforce security level is 3, then specifying -P <password> does not work and Perforce errors with "Password not allowed at this server security level, use 'p4 login'."
However, when not specifying the password to the SCM plugin, the plugin errors with "password is required for the perforce scm plugin."
This is why it is an unsolvable problem for the user with security level 3...the SCM plugin requires a password, Perforce won't allow a password specified with the command.
Therefore, it seems incorrect to make the password argument required, as the user could already be logged in via the login feature.
Another option is to change the SCM login to use the Perforce login feature, since it will always work.
Note that p4 login is possible at all security levels.
> 1.1 requires setting a Perforce password breaking Perforce setup for external authentication
> --------------------------------------------------------------------------------------------
>
> Key: SCM-415
> URL: http://jira.codehaus.org/browse/SCM-415
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-perforce
> Affects Versions: 1.1
> Reporter: ajbanck
> Priority: Blocker
> Fix For: 1.1.1
>
> Attachments: perforce_login.patch, scm-415.patch
>
>
> checkin r654744 for SCM-363 introduces a requirement to set a Perforce password.
> This will break the SCM provider when Perforce is configured to not accept a password. This will be the case when using the OS security instead of Perforce' own.
> The SCM pluging throws an exception when not providing a password, Perforce throws an error when trying to login with a (dummy) password.
> When no username and/or password is provided, the Perforce login step should be skipped.
> =========
> Perforce login output when running p4 from the command prompt:
> p4 login
> 'login' not necessary, no password set for this user.
> p4 login john
> You don't have permission for this operation.
> =========
> Offending code:
> PerforceLoginCommand.java
> if ( StringUtils.isEmpty( repo.getPassword() ) )
> {
> throw new ScmException( "password is required for the perforce scm plugin." );
> }
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira