Re: [SvnBook] #1: [PATCH] Password caching in OS X (and Windows)
SvnBook
noreply at red-bean.com
Wed Feb 1 16:31:24 CST 2006
#1: [PATCH] Password caching in OS X (and Windows)
------------------------------------+---------------------------------------
Reporter: cmpilato at red-bean.com | Owner: nobody
Type: defect | Status: new
Priority: normal | Milestone:
Component: content | Version:
Resolution: | Keywords:
------------------------------------+---------------------------------------
Old description:
> This from Jack Repenning <jrepenning at collab.net>:
>
> Recent work on svn's trunk/ has added a new feature on Mac OS X, caching
> passwords in the system keyring instead of on-disk. The book, of
> course, ought
> to mention this; here's a suggested patch. (Caveat reviewer: this is my
> Very
> First Experience with docbook, and I haven't built the book to see the
> effect;
> still, there were ample near-by patterns to follow.)
>
> While I was about that, i believe I've discovered a bug in the
> description of
> the analogous feature in Windows. I'm not sure what the wording
> _should_ say,
> but I'm pretty darned sure that what it presently says does not match my
> experiments!
>
> It says:
>
> > (Note: if the the user's Windows account
> > password is changed, all of the cached passwords become
> > undecipherable. The Subversion client will behave as if
> > they don't exist, prompting for passwords when
> > required.)
>
> I'm no Windows expert, but this does not seem to agree with my own
> experiments.
> Here's what I did:
>
> Using
> - TortoiseSVN 1.2.1 / SVN 1.2.1 (for all svn operations)
> - Windows XP Pro SP2
>
> 1. I checked out a directory (using an https:// URL, into a secured
> repository
> ... actually, a CollabNet site)
> 2. I confirmed that the password was stored encrypted in C:\Documents
> and
> Files\me\Application Data\Subversion\auth
> \svn.simple\XXXXXXXXXX
> 3. I changed my Windows password, using the "Users" Control Panel
> 4. I "svn up"ed the directory ... no password prompt
> 5. I rebooted
> 6. I updated the directory again ... no password prompt
> 7. I checked out another directory from the same server/realm ... no
> password
> prompt
>
> {{{
> Index: svnbook/src/en/book/ch06.xml
> ===================================================================
> --- svnbook/src/en/book/ch06.xml (revision 1885)
> +++ svnbook/src/en/book/ch06.xml (working copy)
> @@ -259,6 +259,18 @@
> required.)</para>
> </listitem>
>
> + <listitem>
> + <para>On MacOS X, the password is stored in the login
> + keyring, and managed in the same way as other
> + passwords (such as web-site passwords used by
> + Safari). The user (the same one who originally
> + entered the password) must at least be logged in;
> + user preference settings can impose such additional
> + policies as requiring that the user's password (into
> + the system) be supplied each time the SVN password is
> + used.</para>
> + </listitem>
> +
> <listitem>
> <para>For the truly paranoid willing to sacrifice all
> convenience, it's possible to disable credential caching
> }}}
New description:
This from Jack Repenning <jrepenning at collab.net>:
Recent work on svn's trunk/ has added a new feature on Mac OS X, caching
passwords in the system keyring instead of on-disk. The book, of course,
ought to mention this; here's a suggested patch. (Caveat reviewer: this
is my Very First Experience with docbook, and I haven't built the book to
see the effect; still, there were ample near-by patterns to follow.)
While I was about that, i believe I've discovered a bug in the
description of the analogous feature in Windows. I'm not sure what the
wording _should_ say, but I'm pretty darned sure that what it presently
says does not match my experiments!
It says:
(Note: if the the user's Windows account
password is changed, all of the cached passwords become
undecipherable. The Subversion client will behave as if
they don't exist, prompting for passwords when required.)
I'm no Windows expert, but this does not seem to agree with my own
experiments. Here's what I did:
Using:
* TortoiseSVN 1.2.1 / SVN 1.2.1 (for all svn operations)
* Windows XP Pro SP2
1. I checked out a directory (using an https:// URL, into a secured
repository ... actually, a CollabNet site)
2. I confirmed that the password was stored encrypted in `C:\Documents
and Files\me\Application Data\Subversion\auth\svn.simple\XXXXXXXXXX`
3. I changed my Windows password, using the "Users" Control Panel
4. I "svn up"ed the directory ... no password prompt
5. I rebooted
6. I updated the directory again ... no password prompt
7. I checked out another directory from the same server/realm ... no
password prompt
{{{
Index: svnbook/src/en/book/ch06.xml
===================================================================
--- svnbook/src/en/book/ch06.xml (revision 1885)
+++ svnbook/src/en/book/ch06.xml (working copy)
@@ -259,6 +259,18 @@
required.)</para>
</listitem>
+ <listitem>
+ <para>On MacOS X, the password is stored in the login
+ keyring, and managed in the same way as other
+ passwords (such as web-site passwords used by
+ Safari). The user (the same one who originally
+ entered the password) must at least be logged in;
+ user preference settings can impose such additional
+ policies as requiring that the user's password (into
+ the system) be supplied each time the SVN password is
+ used.</para>
+ </listitem>
+
<listitem>
<para>For the truly paranoid willing to sacrifice all
convenience, it's possible to disable credential caching
}}}
--
Ticket URL: <http://www.red-bean.com/trac/svnbook/ticket/1>
SvnBook <http://svnbook.red-bean.com/>
More information about the svnbook-dev
mailing list