Mailinglist Archive: zypp-devel (149 mails)

< Previous Next >
[zypp-devel] CredentialManager to get data for authentication
  • From: Jan Kupec <jkupec@xxxxxxx>
  • Date: Mon, 08 Sep 2008 17:16:37 +0200
  • Message-id: <48C541D5.8010700@xxxxxxx>
Hi,

i just committed an initial version of zypp::media::CredentialManager (CM) class (http://lists.opensuse.org/zypp-commit/2008-09/msg00057.html) which serves for manipulation of global and user's credential files. These are by default /etc/zypp/credentials (world readable, or group readable?) and ~/.zypp/credentials).

CM is used by the media backend (currently only MediaCurl) to retrieve username/password in case it needs to authenticate to the target URL. If CM fails to find the credentials, MediaCurl will ask user via callback to provide it. It will also ask the user whether and where (global/user's) to save them and will use CM to save them after successful authentication.

Current solution uses simple text files containing one URL per line, _containing_ also 'username:password@'. These URLs are then fed to the zypp::Url constructor which parses them into an object from which you can get the username and password, as well as compare with other URLs using different zypp::url::ViewOption, etc...

This solution satisfies our current needs, but it could be extended in the future if needed. zypp::media::CredentialFileReader takes care of returning one AuthData_Ptr per valid line of the input file, so if you don't like the 'URL' solution, we just need to change the reader/writer.


Three things to do yet (in the order of importance):

- for services, propagate the credentials down to its repos when
refreshing the service, or use the service's credentials when
refreshing the repos. I don't know how to do this yet.

- write CredentialFileWriter to be used by CredentialManager::save*()
methods + a callback asking the user to decide whether he wants
to save the credentials in the global file or user's own.

- need a way to pass CredManagerOptions into MediaCurl (where the
CredentialManager is currently used). Currently i'm just able to
prefix the Target::root() to the default credential files paths.


Later we can add an interface to zypper to manage these data, list, remove, add records, etc.

Comments/suggestions are welcome.

cheers,
jano
--
To unsubscribe, e-mail: zypp-devel+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: zypp-devel+help@xxxxxxxxxxxx

< Previous Next >