[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[egit-dev] The password handling of the Clone dialog
- From: Robin Rosenberg <robin.rosenberg@xxxxxxxxxx>
- Date: Mon, 09 Apr 2012 16:19:57 +0200
- Delivered-to: firstname.lastname@example.org
- User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:12.0) Gecko/20120321 Thunderbird/12.0
I've been looking at the Clone wizard.
There are a number of bugs open on clone and push and apparently password authentication is
The current build doesn't work with passwords at all (Bug 360862). I made a patch for that at
https://git.eclipse.org/r/#/c/5529/ and submitted it. We're not done with that, simply because
it is not clean. Authentication is done with one of the methods in the PreferredAuthentications
setting, whose value is "gssapi-with-mic,publickey,keyboard-interactive,password". We don't
have kerberos and if you don't have a suitable public key then keyboard-interactive is used. The
server says it wants a password which is handled via a StringType credential item, not the
Password type. The patch handles that.
A strange thing is that, shouldn't we go straight to password authentication when a password
How is the secure storage ment to be used. AFAIK it doesn't work at all right now. Ok, it seems
to store a password. but it cannot retrieve it.
It seems to me that there is a lot of complex class hierarchies, much of which isn't used
at all. How is this really meant to work?
Some of the bugs reports talk about passphrase, but is that the private key passphrase or
just the password.
Here is a quick list of related issues, some are old:
373947 JGit/JSch never resets the credentials provider if an invalid passphrase is returned
352385 Unable to clone repository via ssh - egit won't give a chance to enter passphrase
339220 Login and password don't get used or stored.
349348 Using Push... to eclipse.org server prompts for password 3 times
349417 Can't finish the Clone Git Repository Dialog if you don't know your secure storage password
352752 Prompted for password more than expected
355442 Egit is prompting for password for secure store even no secure store is set
333127 Can't edit password dialog user name
344987 'Auth cancel' error dialog when password prompt for Fetch is cancelled
351106 CVS actions trigger EGIT Pass Phrase pop-up