[jira] Commented: (WAGON-177) Allow use of both password and private key

Fri, 19 Nov 2010 05:56:49 -0800 

    [ 
http://jira.codehaus.org/browse/WAGON-177?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=243747#action_243747
 ] 

Tuomas Kiviaho commented on WAGON-177:
--------------------------------------

Logic is actually vice versa as states the following old chinese saying taken 
from AbstractSshWagon
// If user don't define a password, he want to use a private key

I'm transitioning from private key based scp connection to http protocol with 
encrypted password and it would have been great to maintains backwards 
compatibility (the password I'm using happens to be different between the two 
approaches).

> Allow use of both password and private key
> ------------------------------------------
>
>                 Key: WAGON-177
>                 URL: http://jira.codehaus.org/browse/WAGON-177
>             Project: Maven Wagon
>          Issue Type: Improvement
>          Components: wagon-ssh
>            Reporter: Kenney Westerhof
>             Fix For: 1.x
>
>
> We have corporate m2 repository over http with Digest authentication.
> We specify the <username> and <password> for that repository so the 
> ArtifactManager can download
> artifacts.
> We also use scp to deploy artifacts to that same repository. We use the same 
> username, but
> a different password and/or a private key file.
> AbstractSshWagon's logic is that it only uses the private key file if there's 
> no password specified.
> It should first try the private key file, and optionally use the password to 
> decode it if it's password-protected,
> then try that private key authentication, and if that fails, try the 
> password/passphrase authentications.
> Ssh allows for multiple authentication methods to be tried before failure.
> Even better would be to allow different usernames for the same repository, 
> depending on if it's
> used for deployment or artifact resolution (but that's a maven-core issue).
> Right now we have to use two different repository id's and double 
> configuration for both normal and snapshot repositories, when in fact it's 
> the same repository with 2 different access methods.
> (most of this issue is more appropriately placed in maven-core somewhere, but 
> the password/privatekey
> issue solves part of the problem).

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to