Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » DSDP - Target Management » Userid/Password cache?
Userid/Password cache? [message #6061] Fri, 16 February 2007 16:31 Go to next message
Eclipse UserFriend
Originally posted by: paul.tamminga.charter.net

I'm curious about the userid/password cache that RSE uses. Our application
has a need for this capability and I'm wondering about the feasiblity of
re-using it.

Is it actually part of RSE or is it in the infrastructure?

Is it secure?

Does it have API/packaging to make it feasible to use just that part of
rse as an enabling component?

Can someone give me a hint about where to look for this mechanism in the
code?

Thanks.
Re: Userid/Password cache? [message #6075 is a reply to message #6061] Mon, 19 February 2007 20:25 Go to previous message
Martin Oberhuber is currently offline Martin OberhuberFriend
Messages: 1007
Registered: July 2009
Senior Member
Hi Paul,

RSE uses the Eclipse Platform's keyring for storing password
information. This is the same facility that's also used by the Eclipse
CVS Team provider and others. It's encrypted but not very secure (A CVS
dialog says: "Passwords are stored on your computer in a format that's
difficult, but not impossible for an intruder to read".

The main class in RSE to look at is PasswordPersistenceManager
(org.eclipse.rse.ui plugin). It uses Platform.getAuthorizationInfo()
which is also known as the Eclipse keyring.

The passwords themselves are stored in the Eclipse configuration area by
default, and they are "softly" encrypted with a default password. You
can slightly improve security by giving commandline parameters to
Eclipse on startup:
eclipse -keyring C:\mySecretFolder\mySecretFile -password myPassword

For more details, see
http://help.eclipse.org/help32/topic/org.eclipse.platform.do c.isv/reference/misc/runtime-options.html

Cheers,
--
Martin Oberhuber
Wind River Systems, Inc.
Target Management Project Lead, DSDP PMC Member
http://www.eclipse.org/dsdp/tm
Re: Userid/Password cache? [message #566338 is a reply to message #6061] Mon, 19 February 2007 20:25 Go to previous message
Martin Oberhuber is currently offline Martin OberhuberFriend
Messages: 1007
Registered: July 2009
Senior Member
Hi Paul,

RSE uses the Eclipse Platform's keyring for storing password
information. This is the same facility that's also used by the Eclipse
CVS Team provider and others. It's encrypted but not very secure (A CVS
dialog says: "Passwords are stored on your computer in a format that's
difficult, but not impossible for an intruder to read".

The main class in RSE to look at is PasswordPersistenceManager
(org.eclipse.rse.ui plugin). It uses Platform.getAuthorizationInfo()
which is also known as the Eclipse keyring.

The passwords themselves are stored in the Eclipse configuration area by
default, and they are "softly" encrypted with a default password. You
can slightly improve security by giving commandline parameters to
Eclipse on startup:
eclipse -keyring C:\mySecretFolder\mySecretFile -password myPassword

For more details, see
http://help.eclipse.org/help32/topic/org.eclipse.platform.do c.isv/reference/misc/runtime-options.html

Cheers,
--
Martin Oberhuber
Wind River Systems, Inc.
Target Management Project Lead, DSDP PMC Member
http://www.eclipse.org/dsdp/tm
Previous Topic:Deadline for EclipseCon Early Registration is tomorrow Feb.14!
Next Topic:TM Terminal view - how to manage Java updates?
Goto Forum:
  


Current Time: Thu Mar 28 09:38:00 GMT 2024

Powered by FUDForum. Page generated in 0.03037 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top