Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Oomph » Authorization in Eclipse Installer
Authorization in Eclipse Installer [message #1805299] Thu, 11 April 2019 11:52 Go to next message
Tim Sibirsky is currently offline Tim SibirskyFriend
Messages: 9
Registered: October 2018
Junior Member
Hello, it's me again.

Does the Eclipse Installer support any kind of authorization to access remotre Oomph index? For example, I don't want to allow non-authorized users to access setup files of our team. Can it be done with current capabilities of Eclipse Installer's infrastructure?

Thank you!
Re: Authorization in Eclipse Installer [message #1805318 is a reply to message #1805299] Thu, 11 April 2019 14:23 Go to previous messageGo to next message
Ed Merks is currently offline Ed MerksFriend
Messages: 30458
Registered: July 2009
Senior Member
If the setup file(s) themselves are accessed via a server that does authentication, either basic authentication or cookie-based form login, that's supported via this commit last year:

https://bugs.eclipse.org/bugs/show_bug.cgi?id=537032

The Bugzilla has some examples.

You can use -Doomph.setup.ecf.trace=true to help see how/whether it's working you. Or setup a development environment

https://ci.eclipse.org/oomph/

and monitor what's happening here:

https://git.eclipse.org/c/oomph/org.eclipse.oomph.git/tree/plugins/org.eclipse.oomph.setup.core/src/org/eclipse/oomph/setup/internal/core/util/ECFURIHandlerImpl.java#n2113

The basic idea is that the URI is augmented with information about which login page must be visited first to acquire the session cookie need to access the original URI...
Re: Authorization in Eclipse Installer [message #1805663 is a reply to message #1805318] Fri, 19 April 2019 19:09 Go to previous messageGo to next message
Tim Sibirsky is currently offline Tim SibirskyFriend
Messages: 9
Registered: October 2018
Junior Member
Sorry for long response...

Thanks a lot for answering. As I have understood, Eclipse Installer out-of-the-box supports only cookie-based and http basic authentication, right?

The problem is that we use token-based authentication (token is passed via separate http header). So it means that methods mentioned above are not suitable for our case. Is there a way to embed into Eclipse Installer our custom authentication logic?

[Updated on: Fri, 19 April 2019 19:10]

Report message to a moderator

Re: Authorization in Eclipse Installer [message #1805668 is a reply to message #1805663] Sat, 20 April 2019 04:38 Go to previous message
Ed Merks is currently offline Ed MerksFriend
Messages: 30458
Registered: July 2009
Senior Member
In the end, cookies are also exchanged via the HTTP header. Whatever is needed in your case would need to be processed by ECFURIHandlerImpl likely in a similar same way as the current form-based logic. So likely it's best that you contribute the mechanism needed for this type of protocol to the open source code so that it's available for you or anyone else to use. No matter what, some extensibility mechanism would need to be designed if there needs to be new support for pluggable extensions. I spent many painful days figuring out what a browser exactly is doing in order to login and finally be able to access the actual resources and then emulating that same processing (header exchanges) automatically in Oomph. So you can either implement this yourself and contribute an extension mechanism, contribute the entire implementation, or sponsor the development of these things...
Previous Topic:Necromancing the org.eclipse.amalgan.setup
Next Topic:Eclipse installer error
Goto Forum:
  


Current Time: Sat Sep 21 12:56:48 GMT 2019

Powered by FUDForum. Page generated in 0.02122 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top