On Tue, Apr 02, 2013 at 10:47:51PM +0300, Mikko Rapeli wrote:

> Don't know anything about curl but maybe git could parse the url for a
> username and prompt for the password before the first 401 failure roundtrip
> that's now in place. I guess most of this logic is in http.c.

We used to do that but stopped, as curl might also be able to retrieve
the password from .netrc; the extra prompt was an annoyance to users
in this situation.

Now that we have the credential subsystem, I would recommend dropping
usernames from all git-over-http URLs, and either:

  1. Using a credential helper that supports secure long-term storage
     (osxkeychain, wincred, etc).

  2. Specifying the username to the credential subsystem explicitly, by
     putting something like:

       [credential "https://yourhost/";]
              username = yourusername

     in your git config.

Obviously (1) is nicer, but you may have corporate policies against
storing credentials. Or you may have a complicated single sign-on
procedure, where the password changes. In that case, I would still say
it is worth writing a custom helper script that can feed the temporary
credential to git.

-Peff
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to