Hi Rahul,In addition to Darren's comments, I would prefer to see the use of symbolic HTTP return codes from httplib - eg in:
+ if e.code == 401It would be good to find a mechanism to either cache the user credentials in a safe manner (like option #1 below) or get the depot server to return a cookie on successful authentication, which then could be easily cached.
In some ways it would be nice if it were possible to open a long-lived connection to the depot from pkgsend. Thinking out loud, maybe have an interactive option to pkgsend which opens a session with the user's credentials and then allows you to perform multiple operations within that session.
Eg. $ pkgsend -i -u myname -s https://agneyam.india.sun.com:8080/ Password: xxx > send SUNWipkg ... > send abc ... > exit $ Trev rahul wrote:
Hi,
I have posted the diff for allowing pkgsend to ask for user
credentials and using basic auth at
http://defect.opensolaris.org/bz/show_bug.cgi?id=689
I would like to get some comments on this bug, especially accepting
the credentials from the user.
Other than the approach taken the other alternatives are:
1) cvs/svn like .pkg directory/file where the auth info is stored
2) allow user to specify a username and a password file as parameters
3) allow user to specify a username and a password file as environment
values.
4) allow only signed packages? (would require changes at pkg.depot too,)
The current implementation was tested on a Sun Java System Webproxy
configured as a secure reverse proxy with acls to protect /open.* alone.
Rahul
--
1. e4 _
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
