[jbosstools-dev] Secure Storage default password dialog

Max Rydahl Andersen max.andersen at redhat.com
Mon Feb 11 13:12:40 EST 2013 

> Only if a linux fragment comes along. I'll drop my priority to 3 anyway to be on the safe side

Aah - with a fragment the existing providers in the eclipse.org feature are actually replaced, right?

But again, could you point to a pull request or git repo with the changes so I can look ?

Now I grok it better i'm wondering if best course of action is to simply install a provider
with higher priority than the default, but lower than any OS specific one and yes, make it part of JBoss Tools Base
so it helps all ?

btw. any reason why form based UI was used and not just basic dialog with a bit extra info ?

/max


> 
> On 02/11/2013 03:42 PM, Max Rydahl Andersen wrote:
>> 
>>> My mistake, the win32 fragment does correctly use the priority etc ...
>>> 
>>> <fragment>
>>>  <extension
>>>        id="WindowsPasswordProvider"
>>>        name="%windowsModuleName"
>>>        point="org.eclipse.equinox.security.secureStorage">
>>>     <provider
>>>           class="org.eclipse.equinox.internal.security.win32.WinCrypto"
>>>           description="%providerDescription"
>>>           priority="5">
>>>        <hint
>>>              value="AutomaticPasswordGeneration">
>>>        </hint>
>>>     </provider>
>>>  </extension>
>>> </fragment>
>>> 
>>> With a priority of 5, my linux fragment could have the same priority and display the more
>>> informative dialog.
>> 
>> Reading the docs I thought eclipse would do an arbitrary selection between password providers with the same priority ?
>> 
>> You would need the OS specific ones to be at a *higher* priority than yours for it work, right?
>> 
>> /max
>> 
>>> 
>>> PGR
>>> 
>>> 
>>> 
>>> On 02/11/2013 02:41 PM, phantomjinx wrote:
>>>> Hi Max,
>>>> 
>>>> I take your points so considering an alternative that will address the deficiencies of the current
>>>> implementation. One point to address though ...
>>>> 
>>>>> Btw. from what I can tell this dialog will only show up *once* per machine and only when using Linux and in context of teiid/server adapter only if your server is remote (i.e. it won't 
>>>>> need to ask when using local servers)
>>>> 
>>>> The dialog (on linux) will always appear at the start of the session asking for the secure storage
>>>> password, due to the teiid runtime client needing the admin password for communication with the
>>>> teiid server.
>>>> 
>>>> Looking into the fragment issue, it seems eclipse defies its own extension by using a fragment for
>>>> windows and macosx. The extension point provides a priority so that multiple password providers can
>>>> be offered yet the fragment does not use it. So ...
>>>> 
>>>> I could separate out my code into a linux-only fragment, and remove the specific references to JBoss
>>>> and Teiid in the dialog messages, thereby 'genericising' it. This would ensure that those users
>>>> running linux, who are the only ones to see it, would get a dialog with much more information
>>>> regarding what the password is for - the primary purpose of overriding the dialog in the first place.
>>>> 
>>>> PGR
>>>> 
>>>> On 02/11/2013 12:13 PM, Max Rydahl Andersen wrote:
>>>>>> If it overrides the default for *all* secure password settings then it shouldn't go into any of our plugins meant
>>>>>> to be installed on top of Eclipse. No single plugin should be messing with that.
>>>>>> 
>>>>>> We could do it in the JBDS distro/setup since here we control the eclipse instance/setup.
>>>>> 
>>>>> Actually, Reading some more on this then if I understand it correctly this extension point overrides all other password dialogs - even OS specific ones.
>>>>> 
>>>>> http://help.eclipse.org/juno/index.jsp?topic=%2Forg.eclipse.platform.doc.isv%2Freference%2Fextension-points%2Forg_eclipse_equinox_security_secureStorage.html
>>>>> and http://help.eclipse.org/juno/index.jsp?topic=%2Forg.eclipse.platform.doc.isv%2Fguide%2Fsecure_storage_dev.htm both state this extension point should not
>>>>> be necessary to override.
>>>>> 
>>>>> Since secure storage is used by many things (Server adapter and Teiid is not the only one) I don't think just overriding this extension point is proper.
>>>>> If we do it sounds like we would need to provide custom hooks for OSX and Windows integration.
>>>>> 
>>>>> Btw. from what I can tell this dialog will only show up *once* per machine and only when using Linux and in context of teiid/server adapter only if your server is remote (i.e. it won't 
>>>>> need to ask when using local servers)
>>>>> 
>>>>> /max
>>>>> 
>>>>>> 
>>>>>> But if it is done per some specific secure area then we could look at putting it into the base.
>>>>>> 
>>>>>> /max
>>>>>> 
>>>>>>> 
>>>>>>> Cheers
>>>>>>> 
>>>>>>> PGR
>>>>>>> 
>>>>>>> [1] http://issues.jboss.org/browse/TEIIDDES-1591
>>>>>>> 
>>>>>>> -- 
>>>>>>> Paul Richardson
>>>>>>> 
>>>>>>> * p.g.richardson at phantomjinx.co.uk
>>>>>>> * p.g.richardson at redhat.com
>>>>>>> * pgrichardson at linux.com
>>>>>>> 
>>>>>>> "I know exactly who reads the papers ...
>>>>>>> 
>>>>>>> * The Daily Mirror is read by people who think they run the country.
>>>>>>> * The Guardian is read by people who think they ought to run the country.
>>>>>>> * The Times is read by people who do actually run the country.
>>>>>>> * The Daily Mail is read by the wives of the people who run the country.
>>>>>>> * The Financial Times is read by the people who own the country.
>>>>>>> * The Morning Star is read by the people who think the country ought to be run by another country.
>>>>>>> * The Daily Telegraph is read by the people who think it is."
>>>>>>> 
>>>>>>> Jim Hacker, Yes Minister
>>>>>>> 
>>>>>>> _______________________________________________
>>>>>>> jbosstools-dev mailing list
>>>>>>> jbosstools-dev at lists.jboss.org
>>>>>>> https://lists.jboss.org/mailman/listinfo/jbosstools-dev
>>>>>> 
>>>>> 
>>>> 
>>> 
>>> -- 
>>> Paul Richardson
>>> 
>>> * p.g.richardson at phantomjinx.co.uk
>>> * p.g.richardson at redhat.com
>>> * pgrichardson at linux.com
>>> 
>>> "I know exactly who reads the papers ...
>>> 
>>> * The Daily Mirror is read by people who think they run the country.
>>> * The Guardian is read by people who think they ought to run the country.
>>> * The Times is read by people who do actually run the country.
>>> * The Daily Mail is read by the wives of the people who run the country.
>>> * The Financial Times is read by the people who own the country.
>>> * The Morning Star is read by the people who think the country ought to be run by another country.
>>> * The Daily Telegraph is read by the people who think it is."
>>> 
>>> Jim Hacker, Yes Minister
>>> 
>> 
> 
> -- 
> Paul Richardson
> 
>  * p.g.richardson at phantomjinx.co.uk
>  * p.g.richardson at redhat.com
>  * pgrichardson at linux.com
> 
> "I know exactly who reads the papers ...
> 
>  * The Daily Mirror is read by people who think they run the country.
>  * The Guardian is read by people who think they ought to run the country.
>  * The Times is read by people who do actually run the country.
>  * The Daily Mail is read by the wives of the people who run the country.
>  * The Financial Times is read by the people who own the country.
>  * The Morning Star is read by the people who think the country ought to be run by another country.
>  * The Daily Telegraph is read by the people who think it is."
> 
> Jim Hacker, Yes Minister
>

More information about the jbosstools-dev mailing list