Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » DSDP - Target Management » Userid/Password cache?
Userid/Password cache? [message #6061] Fri, 16 February 2007 11:31 Go to next message
Eclipse User
Originally posted by: paul.tamminga.charter.net

I'm curious about the userid/password cache that RSE uses. Our application
has a need for this capability and I'm wondering about the feasiblity of
re-using it.

Is it actually part of RSE or is it in the infrastructure?

Is it secure?

Does it have API/packaging to make it feasible to use just that part of
rse as an enabling component?

Can someone give me a hint about where to look for this mechanism in the
code?

Thanks.
Re: Userid/Password cache? [message #6075 is a reply to message #6061] Mon, 19 February 2007 15:25 Go to previous message
Martin Oberhuber is currently offline Martin Oberhuber
Messages: 983
Registered: July 2009
Senior Member
Hi Paul,

RSE uses the Eclipse Platform's keyring for storing password
information. This is the same facility that's also used by the Eclipse
CVS Team provider and others. It's encrypted but not very secure (A CVS
dialog says: "Passwords are stored on your computer in a format that's
difficult, but not impossible for an intruder to read".

The main class in RSE to look at is PasswordPersistenceManager
(org.eclipse.rse.ui plugin). It uses Platform.getAuthorizationInfo()
which is also known as the Eclipse keyring.

The passwords themselves are stored in the Eclipse configuration area by
default, and they are "softly" encrypted with a default password. You
can slightly improve security by giving commandline parameters to
Eclipse on startup:
eclipse -keyring C:\mySecretFolder\mySecretFile -password myPassword

For more details, see
http://help.eclipse.org/help32/topic/org.eclipse.platform.do c.isv/reference/misc/runtime-options.html

Cheers,
--
Martin Oberhuber
Wind River Systems, Inc.
Target Management Project Lead, DSDP PMC Member
http://www.eclipse.org/dsdp/tm
Re: Userid/Password cache? [message #566338 is a reply to message #6061] Mon, 19 February 2007 15:25 Go to previous message
Martin Oberhuber is currently offline Martin Oberhuber
Messages: 983
Registered: July 2009
Senior Member
Hi Paul,

RSE uses the Eclipse Platform's keyring for storing password
information. This is the same facility that's also used by the Eclipse
CVS Team provider and others. It's encrypted but not very secure (A CVS
dialog says: "Passwords are stored on your computer in a format that's
difficult, but not impossible for an intruder to read".

The main class in RSE to look at is PasswordPersistenceManager
(org.eclipse.rse.ui plugin). It uses Platform.getAuthorizationInfo()
which is also known as the Eclipse keyring.

The passwords themselves are stored in the Eclipse configuration area by
default, and they are "softly" encrypted with a default password. You
can slightly improve security by giving commandline parameters to
Eclipse on startup:
eclipse -keyring C:\mySecretFolder\mySecretFile -password myPassword

For more details, see
http://help.eclipse.org/help32/topic/org.eclipse.platform.do c.isv/reference/misc/runtime-options.html

Cheers,
--
Martin Oberhuber
Wind River Systems, Inc.
Target Management Project Lead, DSDP PMC Member
http://www.eclipse.org/dsdp/tm
Previous Topic:Userid/Password cache?
Next Topic:TM Terminal view - how to manage Java updates?
Goto Forum:
  


Current Time: Thu Jul 31 03:42:31 EDT 2014

Powered by FUDForum. Page generated in 0.02326 seconds