greggigon / TeamCity-Crowd-Plugin

A way to integrate Crowd as an Authentication and Authorization in TeamCity
GNU General Public License v3.0

Token based authentication causing account lockout #20

Open gaurav1264 opened 3 years ago

gaurav1264 commented 3 years ago

Hi Greg,

We use the Crowd plugin in TeamCity for user authentication managed in Crowd. With password-based authentication everything works as expected, but when we use a token to access a protected resource, it works fine but also causes an account lock issue.

The scenario: In a bash script, we POST data to a VCS root using the TC URL below. The URL is configured with token-based authentication. https://USERNAME:TOKEN@teamcity-uat.net/httpAuth/app/rest/vcs-root-instances/commitHookNotification?locator=vcsRoot:(id:oat_webhook_test)

When we call the script at a certain interval more than 3-5 times, the account gets locked even though the curl response is successful.

It looks like token-based authentication is happening locally in TeamCity, but the call is also delegated to Crowd for further authentication with USERNAME and TOKEN. I suspect the token is treated as a password in Crowd, so the account gets locked because the token is not the correct password.

I feel that token-based authentication should happen only in TeamCity and should not involve Crowd when authentication is token based. What do you say?

Regards, Gaurav

greggigon commented 3 years ago

Hi Gaurav, I think you are exactly right. What would be even better is if you had a PR that would help to fix this issue. Can you supply one? @gaurav1264
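
The behaviour suspected in this thread, modelled as an added example (not code from TeamCity, Crowd, the plugin, or either commenter): token requests succeed while a stand-in directory counts each forwarded token as a failed password and locks the account, next to a variant that checks the local token first. All class and function names, the lockout threshold, and the sample credentials are assumptions constructed for illustration.

```python
import hmac
from dataclasses import dataclass, field

MAX_FAILED = 3  # constructed lockout threshold for the stand-in directory

@dataclass
class Directory:
    """Hypothetical stand-in for an external directory with lockout."""
    passwords: dict
    failed: dict = field(default_factory=dict)

    def locked(self, user):
        return self.failed.get(user, 0) >= MAX_FAILED

    def check(self, user, secret):
        if self.locked(user):
            return False
        if self.passwords.get(user) == secret:
            self.failed[user] = 0  # a good password resets the counter
            return True
        self.failed[user] = self.failed.get(user, 0) + 1
        return False

@dataclass
class TokenStore:
    """Hypothetical stand-in for locally issued access tokens."""
    tokens: dict

    def check(self, user, secret):
        expected = self.tokens.get(user)
        return expected is not None and hmac.compare_digest(expected, secret)

def login_forward_all(user, secret, tokens, directory):
    """Suspected behaviour: the directory sees every Basic credential."""
    dir_ok = directory.check(user, secret)  # token is judged as a password
    return tokens.check(user, secret) or dir_ok

def login_token_first(user, secret, tokens, directory):
    """Proposed behaviour: a valid local token never reaches the directory."""
    if tokens.check(user, secret):
        return True
    return directory.check(user, secret)

def simulate(login, calls=5):
    """Send `calls` token requests, then try one real password login."""
    directory = Directory({"svc-build": "correct-password"})  # constructed
    tokens = TokenStore({"svc-build": "tc-token-constructed"})  # constructed
    ok = [login("svc-build", "tc-token-constructed", tokens, directory)
          for _ in range(calls)]
    locked = directory.locked("svc-build")
    password_ok = directory.check("svc-build", "correct-password")
    return all(ok), locked, password_ok
```

`simulate` returns a tuple of (all token requests succeeded, account locked, a later password login works), which makes the "successful response but locked account" symptom visible for the forwarding variant.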