| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| ~ Licensed to the Apache Software Foundation (ASF) under one |
| ~ or more contributor license agreements. See the NOTICE file |
| ~ distributed with this work for additional information |
| ~ regarding copyright ownership. The ASF licenses this file |
| ~ to you under the Apache License, Version 2.0 (the |
| ~ "License"); you may not use this file except in compliance |
| ~ with the License. You may obtain a copy of the License at |
| ~ |
| ~ http://www.apache.org/licenses/LICENSE-2.0 |
| ~ |
| ~ Unless required by applicable law or agreed to in writing, |
| ~ software distributed under the License is distributed on an |
| ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| ~ KIND, either express or implied. See the License for the |
| ~ specific language governing permissions and limitations |
| ~ under the License. |
| --> |
| |
| <document xmlns="http://maven.apache.org/XDOC/2.0" |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
| xsi:schemaLocation="http://maven.apache.org/XDOC/2.0 http://maven.apache.org/xsd/xdoc-2.0.xsd"> |
| |
| <properties> |
| <title>Credentials Handling</title> |
| </properties> |
| |
| <body> |
| |
| <section name="Credentials Handling"> |
| |
| <p>This document describes how Continuum should handle credentials for pom retrieval and scm access.</p> |
| |
| <table> |
| <tr> |
| <th>Were credentials provided when the project was added?</th> |
| <th>Was 'Use cached credentials if available' checked when the project was added?</th> |
| <th>Are there Subversion credentials cached for the user running Continuum?</th> |
| <th>Were credentials provided during release prepare?</th> |
| <th></th> |
| <th>Initial project add</th> |
| <th>Scheduled or Forced Build</th> |
| <th>Release</th> |
| </tr> |
| <tr> |
| <td>Y</td> |
| <td>Y</td> |
| <td>Y</td> |
| <td>Y</td> |
| <td></td> |
| <td>use the provided credentials for the HTTP GET to |
| retrieve the POM. Rely on cached credentials for the initial checkout [2]. |
| Do not store the credentials in the database because the checkbox says we |
| should rely on cached credentials. |
| </td> |
| |
| <td>Rely on the cached credentials [2]</td> |
| <td>use the credentials provided during release prepare. |
| Avoid caching these credentials. [1] |
| </td> |
| </tr> |
| <tr> |
| <td>Y</td> |
| <td>Y</td> |
| <td>Y</td> |
| <td>N</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>Rely on the cached credentials [2]</td> |
| </tr> |
| <tr> |
| <td>Y</td> |
| <td>Y</td> |
| <td>N</td> |
| <td>Y</td> |
| <td></td> |
| <td>"</td> |
| <td>Rely on the cached credentials [2]. Will probably fail because they are missing.</td> |
| <td>use the credentials provided during release prepare. Avoid caching these credentials. [1]</td> |
| </tr> |
| <tr> |
| <td>Y</td> |
| <td>Y</td> |
| <td>N</td> |
| <td>N</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>Rely on the cached credentials [2].</td> |
| </tr> |
| <tr> |
| <td>Y</td> |
| <td>N</td> |
| <td>Y</td> |
| <td>Y</td> |
| <td></td> |
| <td>use the provided credentials for the HTTP GET to |
| retrieve the pom and for the initial checkout. Store the credentials in the |
| database for later use. |
| </td> |
| <td>Use the credentials from the database [3]</td> |
| <td>use the credentials provided during release prepare. |
| Avoid caching these credentials. [1] |
| </td> |
| </tr> |
| <tr> |
| <td>Y</td> |
| <td>N</td> |
| <td>Y</td> |
| <td>N</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>Rely on the cached credentials [2].</td> |
| </tr> |
| <tr> |
| <td>Y</td> |
| <td>N</td> |
| <td>N</td> |
| |
| <td>Y</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>use the credentials provided during release prepare. |
| Avoid caching these credentials. [1] |
| </td> |
| </tr> |
| <tr> |
| <td>Y</td> |
| <td>N</td> |
| <td>N</td> |
| <td>N</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>Rely on unauthenticated access to the scm repo</td> |
| </tr> |
| <tr> |
| <td>N</td> |
| <td>Y</td> |
| <td>Y</td> |
| <td>Y</td> |
| <td></td> |
| <td>GET the pom and do the initial checkout with no |
| credentials |
| </td> |
| <td>Rely on cached credentials or unauthenticated access |
| to the scm repo [2]. |
| </td> |
| <td>use the credentials provided during release prepare. |
| Avoid caching these credentials. [1] |
| </td> |
| </tr> |
| <tr> |
| <td>N</td> |
| <td>Y</td> |
| <td>Y</td> |
| <td>N</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>Rely on the cached credentials [2].</td> |
| </tr> |
| <tr> |
| <td>N</td> |
| <td>Y</td> |
| <td>N</td> |
| <td>Y</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>use the credentials provided during release prepare. |
| Avoid caching these credentials. [1] |
| </td> |
| </tr> |
| <tr> |
| <td>N</td> |
| <td>Y</td> |
| <td>N</td> |
| <td>N</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>rely on cached credentials or unauthenticated access to scm [2].</td> |
| </tr> |
| <tr> |
| <td>N</td> |
| <td>N</td> |
| <td>Y</td> |
| <td>Y</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>use the credentials provided during release prepare. Avoid caching these credentials. [1]</td> |
| </tr> |
| <tr> |
| <td>N</td> |
| <td>N</td> |
| <td>Y</td> |
| <td>N</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>Rely on the cached credentials [2]</td> |
| </tr> |
| <tr> |
| <td>N</td> |
| <td>N</td> |
| <td>N</td> |
| <td>Y</td> |
| <td></td> |
| <td>"</td> |
| <td>"</td> |
| <td>use the credentials provided during release prepare. |
| Avoid caching these credentials. [1] |
| </td> |
| </tr> |
| <tr> |
| <td>N</td> |
| <td>N</td> |
| <td>N</td> |
| <td>N</td> |
| <td></td> |
| <td>"</td> |
| <td>Rely on unauthenticated access to the scm repo</td> |
| <td>Rely on unauthenticated access to the scm repo</td> |
| </tr> |
| </table> |
| |
| <p>A " (double quote) in a table cell means "same as above".</p> |
| |
| <p>Implementation Notes for Subversion: |
| <ul> |
| <li>[1] Use --no-cache-credentials on the svn command</li> |
| <li>[2] Do not provide --username and --password on the svn command line</li> |
| <li>[3] Provide --username and --password on the svn command line</li> |
| </ul> |
| </p> |
| </section> |
| |
| <section name="Testing"> |
| <p>Currently the tests for these features tend to be manual since they require access to a secured website |
| and/or scm repository. This test is currently disabled: AbstractContinuumProjectBuilderTest. |
| </p> |
| |
| </section> |
| |
| </body> |
| |
| </document> |