Re-write command line tools to support auth w/o properties file.
Reported by aaron.meier | March 23rd, 2011 @ 08:41 AM
Hello,
Tools like RD-Jobs currently use a clear-text password stored on the local file system to authenticate the user. We have written a python script that uses an encrypted storage space to decrypt and send to the API via https.
If you could write the command line tools to use the new API in 1.2, and provide another optional means of getting the password (like from stdin, or a script to execute), then I believe that will satisfy the security requirements of most companies.
Another, less important feature, would be to implement a Console.readPassword() call with a java command line tool, since it uses "secure" memory to store the char[] array.
I'm sure you have better ideas than I do, but the general idea is secure password storage and using the 1.2 API.
Thanks,
Aaron Meier, RightNow Technologies
Comments and changes to this ticket
-
Alex-SF March 23rd, 2011 @ 08:42 AM
- Assigned user set to “Alex-SF”
-
Deleted User March 23rd, 2011 @ 08:47 AM
To clarify, you're speaking of the password stored in framework.properties correct?
-
-
Alex-SF July 9th, 2011 @ 02:01 PM
- Tag set to “cli, credentials, enhancement, user”
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
(DEPRECATED) Please use github issues for issue tracking at http://github.com/dtolabs/rundeck/issues
People watching this ticket
aaron.meier
Alex-SF
Greg Schueler
Tags
Referenced by
-
295
Allow differentiation of unix user that ran a job using "run" command line tool
We should also have a way to pass any arbitrary
username/...