Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Oomph » How can i write to the secure storage during setup?
How can i write to the secure storage during setup? [message #1746259] Wed, 26 October 2016 08:07 Go to next message
Johannes Dorn is currently offline Johannes DornFriend
Messages: 61
Registered: June 2013
Member
During my Oomph setup, i want to write to the secure storage.

Under a node of my plugin's id, there should be a node of an escaped URL (supplied by the user through a variable task). Below that, there should be a username (unencrypted) and a password (encrypted), both supplied by the user through variable tasks.

Thus, the tree should look something like this:

[Default Secure Storage]
    org.example.plugin
        https%3A%2F%2Fexample.org%2F
            username: johndoe
            password: *******


How can i do this?
Re: How can i write to the secure storage during setup? [message #1746333 is a reply to message #1746259] Thu, 27 October 2016 07:16 Go to previous messageGo to next message
Ed Merks is currently offline Ed MerksFriend
Messages: 33113
Registered: July 2009
Senior Member
When writing a setup for a customer project where the setup itself required password access to the web view of the git repository where the setup is located I noticed that later while cloning from that same git repository of course the same credentials were needed, so I added support for the propertyValue filter (you'll need the latest milestone build) and could then use it like this to transfer the credentials from where Oomph stores them from accessing the setup, to the location where EGit will look for credentials when cloning via https:
<?xml version="1.0" encoding="UTF-8"?>
<setup:CompoundTask
    xmi:version="2.0"
    xmlns:xmi="http://www.omg.org/XMI"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:setup="http://www.eclipse.org/oomph/setup/1.0"
    name="GIT">
  <setupTask
      xsi:type="setup:PreferenceTask"
      key="/secure/GIT/https:\2f\2fexample.com:443/password"
      value="${example.com.site.secure.password.path|propertyValue}">
    <description>This preference task stores the user password used to access the Opale setup into the location where EGit will look for the credentials for accessing the ESA Git repository</description>
  </setupTask>
  <setupTask
      xsi:type="setup:PreferenceTask"
      key="/secure/GIT/https:\2f\2fexample.com:443/user"
      value="${example.com.site.secure.user.path|propertyValue}">
    <description>This preference task stores the user name used to access the Opale setup into the location where EGit will look for the credentials for accessing the ESA Git repository</description>
  </setupTask>
  <setupTask
      xsi:type="setup:VariableTask"
      name="example.com.site.secure.password.path"
      value="/secure/org.eclipse.oomph/hosts/example.com/password">
    <description>This variable contains the path in the secure storage where Oomph will have stored the user password for accessing the Opale setup</description>
  </setupTask>
  <setupTask
      xsi:type="setup:VariableTask"
      name="example.com.site.secure.user.path"
      value="/secure/org.eclipse.oomph/hosts/example.com/user">
    <description>This variable contains the path in the secure storage where Oomph will have stored the user name for accessing the Opale setup</description>
  </setupTask>
  <description>These tasks propagate the credentials used for accessing the Oomph setup to the location where EGit will use then to access the ESA Git clone.</description>
</setup:CompoundTask>

So you can set such information using preference tasks. I would suggest installing org.eclipse.oomph.preferences.feature.group so you can use Window -> Preferences -> Oomph -> All Preferences -> Edit... to inspect all your preferences, and in particular the secure preferences so that in the properties view you can see what paths you can use in tasks for working with the secure preferences.

I expect you'll want a prompted password variable; that value will be stored in secure storage and then you can use the above approach to also store that value anywhere else in secure storage where you expect some other technology will look for those credentials.


Ed Merks
Professional Support: https://www.macromodeling.com/
Re: How can i write to the secure storage during setup? [message #1746339 is a reply to message #1746333] Thu, 27 October 2016 08:57 Go to previous messageGo to next message
Johannes Dorn is currently offline Johannes DornFriend
Messages: 61
Registered: June 2013
Member
Thank you Ed, this works very well.

However, i am not sure why you copy the property value from the path in oomph's secure storage, rather than writing the variables value directly?

Here is my current setup.
<setupTask
            xsi:type="setup:VariableTask"
            id="ctrlflow.user.username"
            name="ctrlflow.user.username"
            label="Username">
</setupTask>
<setupTask
            xsi:type="setup:VariableTask"
            id="ctrlflow.user.password"
            type="PASSWORD"
            name="ctrlflow.user.password"
            label="Password">
          <description>The password to open project resources</description>
</setupTask>
<setupTask
            xsi:type="setup:VariableTask"
            id="ctrlflow.user.password.path"
            name="ctrlflow.user.password.path"
            value="/secure/org.eclipse.oomph.setup/ctrlflow.user.password"
            label=""/>
</setupTask>
<setupTask
              xsi:type="setup:PreferenceTask"              
              id="com.codetrails.internal.hippie.completion.rcp.preferences.server.username"
              key="/secure/com.codetrails.connect.hippie.rcp/https%3A%2F%2F${ctrlflow.server.hostname|uri}%2F/username"
              value="${ctrlflow.user.username}"/>
</setupTask>
<setupTask
              xsi:type="setup:PreferenceTask"
              id="com.codetrails.internal.hippie.completion.rcp.preferences.server.password"
              key="/secure/com.codetrails.connect.hippie.rcp/https%3A%2F%2F${ctrlflow.server.hostname|uri}%2F/password"
              value="${ctrlflow.user.password}"/>
</setupTask>
<setupTask
              xsi:type="setup:PreferenceTask"
              id="com.codetrails.internal.hippie.completion.rcp.preferences.server.password2"
              key="/secure/com.codetrails.connect.hippie.rcp/https%3A%2F%2F${ctrlflow.server.hostname|uri}%2F/password2"
              value="${ctrlflow.user.password.path|propertyValue}"/>
</setupTask>


I write the username directly into the secure storage. For the password i am writing it into secure storage twice. Once directly from the variable, once using the property value. Both yield the same result but the first approach is less complicated.

What is the advantage of using the property value approach?
Re: How can i write to the secure storage during setup? [message #1746362 is a reply to message #1746339] Thu, 27 October 2016 13:37 Go to previous messageGo to next message
Ed Merks is currently offline Ed MerksFriend
Messages: 33113
Registered: July 2009
Senior Member
My example is just one where the password isn't one that's stored in a variable already, it's a password that ends up saved in the secure storage because the ECFURIHandlerImpl directly prompts the user for the password in order to access the setup itself, so there is no variable holding the value in my example. Often the same credentials are needed for several different technologies, so the example is a good way to avoid having each technology prompt the user yet again for the same credentials. But yes, if you have a prompted password variable you can of course use that variable's value directly to store it where ever you want in the secure storage.

Ed Merks
Professional Support: https://www.macromodeling.com/
Re: How can i write to the secure storage during setup? [message #1746396 is a reply to message #1746362] Fri, 28 October 2016 06:42 Go to previous message
Johannes Dorn is currently offline Johannes DornFriend
Messages: 61
Registered: June 2013
Member
Ah, got it.

That is indeed a very useful example.

Thanks, Ed!
Previous Topic:ResourceCopyTask appears to fail when authentication requried
Next Topic:Easier way to test p2 provision
Goto Forum:
  


Current Time: Thu Mar 28 20:17:03 GMT 2024

Powered by FUDForum. Page generated in 0.04753 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top