ABAP Extensions - Secure Storage for Passwords

[fidley]

Possibility to store user passwords for each system/client and several users.

1. Users should have possibility to do logon to all system where the password is stored
2. Users should have possibility to do logon using selected stored credentials ( if the project user/client is different than for selected project it needs to update firstly the user and client and then do the logon)
3. On the list of passwords users can edit/add/delete passwords for users/client/systems.

[fidley]

User will maintain data in own view. The entries for current values of each system will be automatically created (except passwords).

All passwords will be stored in secure storage under com.abapblog.adt.extension.passwords node.

[smb]

random (future) idea: query https://github.com/pfn/keepasshttp/ (URL to query saved in eclipse pointing to the specific keepass entry with sap credentials) - useful if you want to keep your credentials in one secure place.

[fidley]

https://abapblog.com/articles/how-to/168-abap-extensions-automatic-logon

[fidley]

random (future) idea: query https://github.com/pfn/keepasshttp/ (URL to query saved in eclipse pointing to the specific keepass entry with sap credentials) - useful if you want to keep your credentials in one secure place.

Nice idea, something to do in the next steps :)

[MDagni]

Hi Łukasz. This is a great idea! I'm already using Keepass to do automatic logon with a shortcut key, but this is even better. One question: If I don't choose "Logon automatically at Eclipse start", do I have to logon to the project manually? Because right now Eclipse pops up the logon dialog even though I have the password stored. If I choose that option, it logons automatically at startup.

Thanks for your efforts on improving our lives :)

[fidley]

Hi Mehmet, the properties should appear after update of the Extensions plugin. Also the view Passwords in category ABAP should appear.

Cheers Łukasz

[MDagni]

Yes they have appeared, and if I choose "Logon automatically at Eclipse start" it works fine. If I don't choose it, automatic logon does not happen when I try to open a development object in a system with saved password. I get the standard logon dialog and I have to enter the password. I would expect the automatic logon to happen at this stage.

[fidley]

Ahh sorry I've misunderstood you. Ok, then you have second option right click->ABAP Extensions->Logon With Secure Storage.

So far I haven't figure out how to do it when you tries to expand the project on the project explorer

[fidley]

I was doing tests how to get the expansion of the ProjectExplorer. I've managed this with the extension point org.eclipse.ui.navigator.navigatorContent, but the SAP listener catches the event earlier :(

[fidley]

After using reflection and getting the treeListener list from the CommonView, it seems that the logon popup from SAP is not triggered with event Expanded. It must be done in other way as after removal of all existing listeners, still the behavior of showing popup is in the place

CommonViewer commonViewer = (CommonViewer) viewer;
                AbstractTreeViewer absTV = (AbstractTreeViewer) commonViewer;
                commonViewer.addTreeListener(new TreeExpansionListener());
                Field privateStringField;
                try {
                    privateStringField = AbstractTreeViewer.class.getDeclaredField("treeListeners");
                    privateStringField.setAccessible(true);
                    ListenerList<ITreeViewerListener> NewSequencelisteners = new ListenerList<ITreeViewerListener>();
                    ListenerList<ITreeViewerListener> listenersV = (ListenerList<ITreeViewerListener>) privateStringField.get(absTV);
                    for (ITreeViewerListener listenerTV : listenersV) {
                        if (!(listenerTV instanceof TreeExpansionListener)) {
                        NewSequencelisteners.add(listenerTV);
                        commonViewer.removeTreeListener(listenerTV);
                        }
                }

                    //System.out.println("fieldValue = " + fieldValue);
                } catch (NoSuchFieldException e1) {
                    // TODO Auto-generated catch block
                    e1.printStackTrace();
                } catch (SecurityException e1) {
                    // TODO Auto-generated catch block
                    e1.printStackTrace();
                } catch (IllegalArgumentException e) {
                    // TODO Auto-generated catch block
                    e.printStackTrace();
                } catch (IllegalAccessException e) {
                    // TODO Auto-generated catch block
                    e.printStackTrace();
                }

`

[fidley]

ContentProvider?

[fidley]

The popup comes form Content provider, in order to do logon earlier, I needed to add own content provider that is called before the one from SAP ( appearsBefore="com.sap.adt.semanticfs.packageContent" ). Fist tests are successful :)

 <extension
       point="org.eclipse.ui.navigator.navigatorContent">
      <navigatorContent
            appearsBefore="com.sap.adt.semanticfs.packageContent"
            contentProvider="com.abapblog.adt.extension.passwords.projectExplorer.ContentProvider"
            icon="icons/obj/package_obj.png"
            id="com.abapblog.adt.extensions.NavigatorContent"
            labelProvider="com.abapblog.adt.extension.passwords.projectExplorer.LabelProvider"
            name="%navigatorContent.packages"
            activeByDefault="true"
            priority="highest">    
            <triggerPoints>
            <or>
               <instanceof
                     value="com.sap.adt.projectexplorer.ui.internal.node.AbapRepositoryPackageNode">
               </instanceof>
               <instanceof
                     value="com.sap.adt.projectexplorer.ui.internal.node.AbapSystemLibraryNode">
               </instanceof>
               <and>
                  <instanceof
                        value="org.eclipse.core.resources.IProject">
                  </instanceof>
               </and>
            </or>
         </triggerPoints>
         <possibleChildren>
            <or>
               <instanceof
                     value="com.sap.adt.projectexplorer.ui.node.IAbapRepositoryBaseNode">
               </instanceof>
               <instanceof
                     value="com.sap.adt.projectexplorer.ui.internal.node.AbapRepositoryPackageNode">
               </instanceof>
               <instanceof
                     value="com.sap.adt.projectexplorer.ui.internal.node.AbapFavoritePackagesNode">
               </instanceof>
            </or>
         </possibleChildren>
       </navigatorContent>            
    <actionProvider
          class="com.abapblog.adt.extension.passwords.projectExplorer.ActionProvider"
          id="org.eclipse.ui.navigator.resources.actions.OpenActions"
          priority="highest">
       <enablement>
             <or>         
                <instanceof 
                        value="org.eclipse.core.resources.IResource" /> 
             </or>    
          </enablement>    
    </actionProvider>
 </extension>

  <extension
         id="com.abapblog.adt.extensions.passwords.ProjectExplorer"
         point="org.eclipse.ui.navigator.viewer">
      <viewerContentBinding viewerId="org.eclipse.ui.navigator.ProjectExplorer">
         <includes>
            <contentExtension
                  isRoot="false"
                  pattern="com.abapblog.adt.extensions.NavigatorContent">
            </contentExtension>
         </includes>
      </viewerContentBinding>
   </extension>

[fidley]

done / will be deployed soon

[fidley]

Keepas integration left, the logon at expansion of the project is done

[MDagni]

You are awesome 😊

[fidley]

I moved the Keepass integration to issue #4 for better tracking cc @smb