[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] Change default "store-passwords" policy to "no"

From: Ben Collins-Sussman <sussman_at_red-bean.com>
Date: 2007-10-11 16:47:45 CEST

On 10/11/07, Mark Phippard <markphip@gmail.com> wrote:
> On 10/11/07, Ben Collins-Sussman <sussman@red-bean.com> wrote:
> > My preference is that after successful authentication, the default
> > behavior is to *ask* the user whether to cache the password on disk.
> > (And the prompt should make it clear whether the cache will be
> > encrypted or not.) This is what web browsers do, and that's a UI
> > that everyone is familiar and comfortable with.
> >
> > (It sort of matches the way we prompt about accepting new SSL
> > certificates: never, for this session only, or permanently.)
>
> AFAIK, Subversion already has this functionality. I think the CLI
> just does not use it. When a user is using Subclipse, as an example,
> we receive a callback from JavaHL that asks for username/password AND
> whether the user wants to cache the password. The problem (I think)
> is if you set store-passwords=no, then the user will no longer get
> that option to store the password. I think that would be an
> unacceptable regression.

Well, then it sounds like we simply need to make the CLI do an extra
"do you want to store the password?" prompt when store-passwords=yes.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Oct 11 16:55:21 2007

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.