History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: QB-999
Type: Bug Bug
Status: Open Open
Priority: Major Major
Assignee: Robin Shen
Reporter: Don Ross
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
QuickBuild

SVN authentication tokens are cached when pulling changes from a user agent for proof build

Created: 02/Aug/11 04:07 PM   Updated: 03/Aug/11 03:05 PM
Return to search
Component/s: None
Affects Version/s: None
Fix Version/s: None

Original Estimate: Unknown Remaining Estimate: Unknown Time Spent: Unknown
Environment: QuickBuild 4.0.0-M1, 2011-07-02, Windows 7 agent with RedHat 5 server.


 Description  « Hide
I have set up a QB user agent on my desktop. Having checked out the code, made some changes, and, run them through a proof build, I then check in and find that the user under which they were checked in was the QuickBuild user, as defined in the repository under Proof Build Support.

It appears that QuickBuild is caching the authentication tokens when it performs local SVN operations via the user agent. This would not be a problem if I were running the user agent as the local system account. However, I am running it via 'agent console', so the user agent is running as me, so the cached authentication tokens are overwriting my own.

To prevent this from happening, Subversion commands executed by the user agent should be run with the '--no-auth-cache' option.

 All   Comments   Work Log   Change History      Sort Order:
[ Permlink | « Hide ]
Robin Shen [03/Aug/11 12:08 AM]
The user account for proof build ought to be set as user's own account as explained in "enable proof build for all developers" section of below wiki link:
http://wiki.pmease.com/display/QB31/Working+with+Subversion

This is necessary in order not to disturb your own working copy and also make the proof build committer appears as yourself.

In case of using user's own account, the auth cache will not be an issue.

[ Permlink | « Hide ]
Don Ross [03/Aug/11 03:05 PM]
That only matters if I am doing check-in as part of the proof build process. In my situation, QB is only needing read access to the users' workspace to pull changes for testing. In which case, it seems intrusive to ask the user to provide the SVN password for every proof build; instead I am hard-coding a QB username/password into the repository.

In the event we do add the ability for QB to check in the users' changes (unlikely considering our workflow), I would of course be querying the user for her password. However, even set up that way, I would not want to cache the authentication tokens, as the user may for her own reasons, or for company security policy, not be caching them on her system. As you do not want to disturb the user's working copy, you should not disturb the user's working environment, either.

However, I can understand if you want to treat this as an enhancement request rather than a bug.


Powered by Atlassian JIRA™ the Professional Issue Tracker. (Standard Edition, Version: 3.7.4-#189) - Bug/feature request - Contact Administrators