bzr-svn not caching credentials
Jelmer Vernooij
jelmer at vernstok.nl
Tue Jan 25 19:19:53 UTC 2011
On Tue, 2011-01-25 at 14:03 -0500, Gordon Tyler wrote:
> In response to https://answers.launchpad.net/bzr-svn/+question/85149,
> Jelmer said:
> > bzr-svn (or Bazaar itself) will never cache your password. You can
> > explicitly store it in authentication.conf though, and bzr-svn can use
> > any credentials that the "svn" command-line tool has cached in the
> > past.
>
> Today, this bit me in the ass. I've been experimenting with using bzr
> local branches with an SVN upstream server at work. This has been working
> quite well. However, my company's security policy requires changing my
> domain password every 3 months. Today was that day and now bzr prompts me
> for my SVN (which is mapped to the domain auth) password every time I try
> to commit because it still has the old password in the svn saved auth
> info.
>
> The only way I can see to resolve this currently is to make a commit to
> that SVN server using the standard SVN or TortoiseSVN client which will
> update the saved auth info.
>
> If bzr-can read the saved auth info, why can't it update it as well?
It seems wrong for Bazaar to be writing to ~/.subversion. Also,
passwords are stored plain-text in ~/.subversion, which is a security
concern. As a Bazaar user I wouldn't want Bazaar to write my passwords
in plain text *anywhere* on disk automatically.
Personally, I would prefer for Bazaar to support e.g. gnome-keyring to
handle caching of credentials.
Cheers,
Jelmer
More information about the bazaar
mailing list