Google Git
Sign in
apache / continuum / refs/heads/trunk / . / src / site / xdoc / credentials.xml
blob: 40502423bdb0384f976d96210bd761c717cfc11d [file] [log] [blame]
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<document xmlns="http://maven.apache.org/XDOC/2.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/XDOC/2.0 http://maven.apache.org/xsd/xdoc-2.0.xsd">
<properties>
<title>Credentials Handling</title>
</properties>
<body>
<section name="Credentials Handling">
<p>This document describes how Continuum should handle credentials for pom retrieval and scm access.</p>
<table>
<tr>
<th>Were credentials provided when the project was added?</th>
<th>Was 'Use cached credentials if available' checked when the project was added?</th>
<th>Are there Subversion credentials cached for the user running Continuum?</th>
<th>Were credentials provided during release prepare?</th>
<th></th>
<th>Initial project add</th>
<th>Scheduled or Forced Build</th>
<th>Release</th>
</tr>
<tr>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>use the provided credentials for the HTTP GET to
retrieve the POM. Rely on cached credentials for the initial checkout [2].
Do not store the credentials in the database because the checkbox says we
should rely on cached credentials.
</td>
<td>Rely on the cached credentials [2]</td>
<td>use the credentials provided during release prepare.
Avoid caching these credentials. [1]
</td>
</tr>
<tr>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td>N</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>Rely on the cached credentials [2]</td>
</tr>
<tr>
<td>Y</td>
<td>Y</td>
<td>N</td>
<td>Y</td>
<td></td>
<td>&quot;</td>
<td>Rely on the cached credentials [2]. Will probably fail because they are missing.</td>
<td>use the credentials provided during release prepare. Avoid caching these credentials. [1]</td>
</tr>
<tr>
<td>Y</td>
<td>Y</td>
<td>N</td>
<td>N</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>Rely on the cached credentials [2].</td>
</tr>
<tr>
<td>Y</td>
<td>N</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>use the provided credentials for the HTTP GET to
retrieve the pom and for the initial checkout. Store the credentials in the
database for later use.
</td>
<td>Use the credentials from the database [3]</td>
<td>use the credentials provided during release prepare.
Avoid caching these credentials. [1]
</td>
</tr>
<tr>
<td>Y</td>
<td>N</td>
<td>Y</td>
<td>N</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>Rely on the cached credentials [2].</td>
</tr>
<tr>
<td>Y</td>
<td>N</td>
<td>N</td>
<td>Y</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>use the credentials provided during release prepare.
Avoid caching these credentials. [1]
</td>
</tr>
<tr>
<td>Y</td>
<td>N</td>
<td>N</td>
<td>N</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>Rely on unauthenticated access to the scm repo</td>
</tr>
<tr>
<td>N</td>
<td>Y</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>GET the pom and do the initial checkout with no
credentials
</td>
<td>Rely on cached credentials or unauthenticated access
to the scm repo [2].
</td>
<td>use the credentials provided during release prepare.
Avoid caching these credentials. [1]
</td>
</tr>
<tr>
<td>N</td>
<td>Y</td>
<td>Y</td>
<td>N</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>Rely on the cached credentials [2].</td>
</tr>
<tr>
<td>N</td>
<td>Y</td>
<td>N</td>
<td>Y</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>use the credentials provided during release prepare.
Avoid caching these credentials. [1]
</td>
</tr>
<tr>
<td>N</td>
<td>Y</td>
<td>N</td>
<td>N</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>rely on cached credentials or unauthenticated access to scm [2].</td>
</tr>
<tr>
<td>N</td>
<td>N</td>
<td>Y</td>
<td>Y</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>use the credentials provided during release prepare. Avoid caching these credentials. [1]</td>
</tr>
<tr>
<td>N</td>
<td>N</td>
<td>Y</td>
<td>N</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>Rely on the cached credentials [2]</td>
</tr>
<tr>
<td>N</td>
<td>N</td>
<td>N</td>
<td>Y</td>
<td></td>
<td>&quot;</td>
<td>&quot;</td>
<td>use the credentials provided during release prepare.
Avoid caching these credentials. [1]
</td>
</tr>
<tr>
<td>N</td>
<td>N</td>
<td>N</td>
<td>N</td>
<td></td>
<td>&quot;</td>
<td>Rely on unauthenticated access to the scm repo</td>
<td>Rely on unauthenticated access to the scm repo</td>
</tr>
</table>
<p>A " (double quote) in a table cell means "same as above".</p>
<p>Implementation Notes for Subversion:
<ul>
<li>[1] Use --no-cache-credentials on the svn command</li>
<li>[2] Do not provide --username and --password on the svn command line</li>
<li>[3] Provide --username and --password on the svn command line</li>
</ul>
</p>
</section>
<section name="Testing">
<p>Currently the tests for these features tend to be manual since they require access to a secured website
and/or scm repository. This test is currently disabled: AbstractContinuumProjectBuilderTest.
</p>
</section>
</body>
</document>