You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@continuum.apache.org by Brett Porter <br...@apache.org> on 2010/07/28 06:39:47 UTC
Re: Added WebDAV interface for displaying the working copies from build agent
On 28/07/2010, at 9:47 AM, Marica Tan wrote:
> Yes I agree.
>
> Since we don't have a database in an agent, we can't do role-based
> authorization.
>
> I think we need to have that database so we can provide that security for
> the webdav interface as well as with the xmlrpc.
I don't think a database is the right answer to that - it probably doesn't need role-based permissions.
We might be better having some sort of private/public key system to ensure the agent only gets used by the intended master, rather than actual user permissions.
- Brett
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
Re: Added WebDAV interface for displaying the working copies from
build agent
Posted by Wendy Smoak <ws...@gmail.com>.
On Wed, Jul 28, 2010 at 12:39 AM, Brett Porter <br...@apache.org> wrote:
> We might be better having some sort of private/public key system to ensure the agent only gets used by the intended master, rather than actual user permissions.
This is the issue I was thinking of
http://jira.codehaus.org/browse/CONTINUUM-2044 . It assumes the
pre-webdav situation though, where the agent only sends responses to
the configured master url.
--
Wendy
Re: Added WebDAV interface for displaying the working copies from
build agent
Posted by Emmanuel Venisse <em...@gmail.com>.
On Wed, Jul 28, 2010 at 6:39 AM, Brett Porter <br...@apache.org> wrote:
>
> On 28/07/2010, at 9:47 AM, Marica Tan wrote:
>
> > Yes I agree.
> >
> > Since we don't have a database in an agent, we can't do role-based
> > authorization.
> >
> > I think we need to have that database so we can provide that security for
> > the webdav interface as well as with the xmlrpc.
>
> I don't think a database is the right answer to that - it probably doesn't
> need role-based permissions.
>
> We might be better having some sort of private/public key system to ensure
> the agent only gets used by the intended master, rather than actual user
> permissions.
>
I'm totally agree.
Emmanuel
>
> - Brett
>
> --
> Brett Porter
> brett@apache.org
> http://brettporter.wordpress.com/
>
>