Login | Register
My pages Projects Community openCollabNet

Discussions > dev > [Subclipse-dev] Continuous Integration: Testing security by changing authentication credentials. Is it impossible?

subclipse
Discussion topic

Back to topic list

[Subclipse-dev] Continuous Integration: Testing security by changing authentication credentials. Is it impossible?

Author jruizjimenez
Full name Javier Ruiz Jiménez
Date 2011-06-17 04:33:37 PDT
Message Hi

We are developing an application to administer Subversion repositories, for subversion access we are using svnclientadapter with javahl (because we need to do exports without externals).

In order to provide the credentials to access the repository we use an implementation of ISVNPromptUserPassword as PasswordCallback.

Our ISVNPromptUserPassword implementation returns false in userAllowedSave so the user/password is not cached.

Everything works perfectly for production except that we would like to run some tests during CI to check user authorization against different paths (We launch a svnserv during tests and create some repositories and paths).

The user/password is not cached between different executions of the application, I have checked %APPDATA%/Subversion​/auth/svn.simple for cached credentials and credentials are not cached.

Problem:

The user/password is cached in memory during the execution of the test and can't be changed.

We need to be able to change credentials to test with different users.

Something like:

test(){
  setUser(admin);
  commitToFolder(AdminOnlyFolder)
  setUser(reader);
  commitToFolder(AdminOnlyFolder) -> expect failure.

}

Is it possible to change the user/password during execution?

Thanks!

« Previous message in topic | 1 of 3 | Next message in topic »

Messages

Show all messages in topic

[Subclipse-dev] Continuous Integration: Testing security by changing authentication credentials. Is it impossible? jruizjimenez Javier Ruiz Jiménez 2011-06-17 04:33:37 PDT
     Re: [Subclipse-dev] Continuous Integration: Testing security by changing authentication credentials. Is it impossible? markphip Mark Phippard 2011-06-17 05:35:19 PDT
         RE: Re: [Subclipse-dev] Continuous Integration: Testing security by changing authentication credentials. Is it impossible? jruizjimenez Javier Ruiz Jiménez 2011-06-17 08:47:56 PDT
Messages per page: