[eclipse-pmc] Re: Request for API addition in extension for security for

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[eclipse-pmc] Re: Request for API addition in extension for security for 3.4

From: Mike Wilson <Mike_Wilson@xxxxxxxxxx>
Date: Tue, 6 May 2008 13:31:49 -0400
Delivered-to: eclipse-pmc@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/eclipse-pmc>
List-help: <mailto:eclipse-pmc-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/eclipse-pmc>, <mailto:eclipse-pmc-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/eclipse-pmc>, <mailto:eclipse-pmc-request@eclipse.org?subject=unsubscribe>

I'd like to see a patch attached to the bug that shows the required changes.

McQ.

Kevin McGuire---05/06/2008 11:50:32 AM---Dear PMC, As part of UI cleanup for the new security work for 3.4, we'd like to request the followin

From:	Kevin McGuire/Ottawa/IBM
To:	eclipse-pmc@xxxxxxxxxxx
Cc:	Mike Wilson/Ottawa/IBM@IBMCA, Oleg Besedin/Ottawa/IBM@IBMCA, Martin Aeschlimann/Zurich/IBM@IBMCH
Date:	05/06/08 11:50 AM
Subject:	Request for API addition in extension for security for 3.4

Dear PMC,

As part of UI cleanup for the new security work for 3.4, we'd like to request the following API addition:

https://bugs.eclipse.org/bugs/show_bug.cgi?id=230242 [sec] Add hints describing capabilities of the password providers

Explanation:

This is a hint to the UI so that we can avoid a pointless and confusing wizard for password change: if the password provider is the OS, the wizard does nothing of value, but the security UI doesn't know enough about each provider to avoid the wizard in the first place. Below are screen shots of what the user sees in this case. The flag would inform the security framework that the provider doesn't prompt for passwords, therefore this wizard has no utility and the triggering action can be disabled. The proposed extension leaves open the future possibilities of other UI hints but only the one is needed for 3.4.

Risk:

The coding changes are easy/straightforward. There's no risk of breakage.

Importance:

Presently for OS providers (the majority of real world cases in 3.4), the password prompt just looks like a bug and is likely to be the source of great confusion from the community, as well as support time from us. In addition it lacks the level of polish we expect from the SDK. Security is new for 3.4 and adding the flag now inceases the chance that 3rd party providers will annotate their password providers accordingly.

This is what the user sees currently for WinXP OS security provider (the default):

Prev by Date: Re: [eclipse-pmc] Add back an old method from 3.3 (detected as an API addition since 3.4M6a)
Next by Date: [eclipse-pmc] Re: Request for API addition in extension for security for 3.4
Previous by thread: [eclipse-pmc] new API needed to fix critical bugs
Next by thread: [eclipse-pmc] Re: Request for API addition in extension for security for 3.4
Index(es):
- Date
- Thread

Breadcrumbs