![]() |
|
|
|
|
Issue Type:
|
![Bug]() Bug
|
|
Assignee:
|
teilo
|
|
Components:
|
m2release |
|
Created:
|
12/Feb/14 10:30 AM
|
|
Description:
|
In our corporate environment the policy for user account passwords is to change them every 3 months.
In one of our Maven projects we have the M2 release plugin configured so that the Maven release Subversion operations are performed in the context of the user by enabling the option "Specify SCM login/password".
This led to the issue that the command line tools of Subversion persisted the credentials in the file C:\Users\jenkins.HOSTNAME\AppData\Roaming\Subversion\auth\svn.simple.
When the Subversion plugin was doing the next update this operation was done with the new credentials. After the user had to change its password the Windows build node still had the old credentials stored and was performing every 5 minute Subversion check with the wrong password.
Unfortunately we also have a policy that locks an account after 5 failed attempts, locking the user's account after 25 minutes.
Maven release plugin already has the option --no-auth-cache added since Maven 2.1 (http://jira.codehaus.org/browse/MRELEASE-497) in order to suppress this behavior.
The question is, does the M2 Release Plugin (0.13.0) perform an SVN command line option as well or how could it happen that the credentials were persisted, as described above?
|
|
Environment:
|
M2 Release Plugin (0.13.0)
Jenkins 1.547
|
|
Project:
|
Jenkins
|
|
Priority:
|
![Critical]() Critical
|
|
Reporter:
|
Michael Rumpf
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
[email protected].
For more options, visit
https://groups.google.com/groups/opt_out.
