Skip to main content


Eclipse Community Forums

      Home
Home » Eclipse Projects » Oomph » Authorization in Eclipse Installer
Authorization in Eclipse Installer [message #1805299] Thu, 11 April 2019 07:52 Go to next message
Eclipse UserFriend
Hello, it's me again.

Does the Eclipse Installer support any kind of authorization to access remotre Oomph index? For example, I don't want to allow non-authorized users to access setup files of our team. Can it be done with current capabilities of Eclipse Installer's infrastructure?

Thank you!
Re: Authorization in Eclipse Installer [message #1805318 is a reply to message #1805299] Thu, 11 April 2019 10:23 Go to previous messageGo to next message
Eclipse UserFriend
If the setup file(s) themselves are accessed via a server that does authentication, either basic authentication or cookie-based form login, that's supported via this commit last year:

https://bugs.eclipse.org/bugs/show_bug.cgi?id=537032

The Bugzilla has some examples.

You can use -Doomph.setup.ecf.trace=true to help see how/whether it's working you. Or setup a development environment

https://ci.eclipse.org/oomph/

and monitor what's happening here:

https://git.eclipse.org/c/oomph/org.eclipse.oomph.git/tree/plugins/org.eclipse.oomph.setup.core/src/org/eclipse/oomph/setup/internal/core/util/ECFURIHandlerImpl.java#n2113

The basic idea is that the URI is augmented with information about which login page must be visited first to acquire the session cookie need to access the original URI...
Re: Authorization in Eclipse Installer [message #1805663 is a reply to message #1805318] Fri, 19 April 2019 15:09 Go to previous messageGo to next message
Eclipse UserFriend
Sorry for long response...

Thanks a lot for answering. As I have understood, Eclipse Installer out-of-the-box supports only cookie-based and http basic authentication, right?

The problem is that we use token-based authentication (token is passed via separate http header). So it means that methods mentioned above are not suitable for our case. Is there a way to embed into Eclipse Installer our custom authentication logic?

[Updated on: Fri, 19 April 2019 15:10] by Moderator

Re: Authorization in Eclipse Installer [message #1805668 is a reply to message #1805663] Sat, 20 April 2019 00:38 Go to previous message
Eclipse UserFriend
In the end, cookies are also exchanged via the HTTP header. Whatever is needed in your case would need to be processed by ECFURIHandlerImpl likely in a similar same way as the current form-based logic. So likely it's best that you contribute the mechanism needed for this type of protocol to the open source code so that it's available for you or anyone else to use. No matter what, some extensibility mechanism would need to be designed if there needs to be new support for pluggable extensions. I spent many painful days figuring out what a browser exactly is doing in order to login and finally be able to access the actual resources and then emulating that same processing (header exchanges) automatically in Oomph. So you can either implement this yourself and contribute an extension mechanism, contribute the entire implementation, or sponsor the development of these things...
Previous Topic:Missing requirement: 1.0.0.v1555157849834
Next Topic:Eclipse installer error
Goto Forum:
  


Current Time: Sat Jul 12 13:19:07 EDT 2025

Powered by FUDForum. Page generated in 0.05088 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly