Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [egit-dev] Cloning with EGit from Gerrit via http now ask for the PW
On Thu, Jun 29, 2017 at 7:54 PM, Thomas Wolf <thomas.wolf@xxxxxxxxxx> wrote:
Well...

On Jun 29, 2017, at 19:43 , Lars Vogel wrote:

> I know that the URL without user works, but that makes later Gerrit
> contributions harder. But if that based on the server, there is
> nothing we can do.

git clone https://<user>@git.eclipse.org/r/platform/eclipse.platform.images

(without the /a) also works, and will have at least the user name in the remote's URL.

One would have to check what the idea behind this /a was. Repo visibility in Gerrit is managed by other means, so that can't have been the reason. Perhaps Gerrit should request authentication only for the git-receive-pack endpoint (both GET and PUSH), but not for cloning and fetching. If so, we could open a bug against Gerrit.

https://git.eclipse.org/r allows read access by anonymous users, see permissions settings in [1].
URL suffix /a enforces (digest or basic) authentication and is typically used for access to the REST API [2] where
a logon screen is not suitable since the REST API is usually accessed programmatically.
If a user logs on to the WebUI via logon screen a session cookie is representing the security session.

Back to the top