Continuum
  1. Continuum
  2. CONTINUUM-1605

Continuum should not store the userid or password if 'use cached credentials' is checked

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.1
    • Fix Version/s: 1.2
    • Component/s: Database, SCM
    • Labels:
      None

      Description

      Continuum is storing scm passwords in the database in plain text.

      If the 'use cached credentials' checkbox is checked, it should use the provided userid and password for the initial pom retrieval, and then discard them.

      (Continuum has the ability to use svn credentials that have been pre-cached on the build server, but when you add a project the first request for the pom is not a svn checkout, it's just an http/https GET.)

      Workaround: periodically remove the credentials from the database:
      update PROJECT set SCM_PASSWORD = "";
      update PROJECT set SCM_USERNAME = "";

        Activity

        No work has yet been logged on this issue.

          People

          • Assignee:
            Olivier Lamy (*$^¨%`£)
            Reporter:
            Wendy Smoak
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development