Closed GoogleCodeExporter closed 9 years ago
I agree that it makes not much sense to generate a password in case LDAP is
used for authentication. As said login into Gerrit WebUI is handled by LDAP and
Git communication is secured by using SSH. So there is not much value in having
this generated password. On the other hand in case of LDAP it is annoying that
once the user (accidentially) generated a password there is no way back and the
password has always to be provided for the Git SSH operations.
Are there any reasons against always disabling this button in case of LDAP
authentication?
Original comment by edwin.ke...@gmail.com
on 1 Jul 2010 at 11:44
There is a change for review that allows the user to clear the password:
https://review.source.android.com/15829
With this users can simply remove the password if they have accidentially
clicked on the 'Generate Password' button.
Original comment by edwin.ke...@gmail.com
on 15 Jul 2010 at 1:23
Right. So this password exists for HTTP repository access, for URLs
like http://review.example.com/p/project.git. If you need to login
to access the project (or are pushing), we use your username and a
password that is dedicated to this repository access purpose. That
way its lower risk to embed the password in your ~/.netrc.
I put in a clear button in change 15829 as Edwin points out above,
but I'm not sure we should actually disable this feature.
Original comment by sop@google.com
on 15 Jul 2010 at 2:13
Original comment by sop@google.com
on 15 Jul 2010 at 2:13
So thinking about it further, we don't want to disable the
feature altogether, doing so would prevent http:// style of
repository access. The better way to do that is to support
turning off http:// access altogether, not by hiding the
password field in the web UI when LDAP is enabled.
So I'm closing this issue as completed since we now have a
way for a user to clear the password they accidentally made.
Original comment by sop@google.com
on 15 Jul 2010 at 10:48
Original comment by sop@google.com
on 28 Mar 2012 at 2:55
Original issue reported on code.google.com by
jjhel...@gmail.com
on 18 Jun 2010 at 11:37