Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 334775

Summary: [server] Implement User Service on Equinox Secure Storage
Product: [ECD] Orion Reporter: Szymon Brandys <Szymon.Brandys>
Component: ClientAssignee: Szymon Brandys <Szymon.Brandys>
Status: RESOLVED FIXED QA Contact:
Severity: enhancement    
Priority: P3 CC: john.arthorne, marco, pwebster
Version: 0.2   
Target Milestone: 0.2   
Hardware: PC   
OS: Windows XP   
Whiteboard:
Bug Depends on:    
Bug Blocks: 334120, 334655    

Description Szymon Brandys CLA 2011-01-19 07:39:27 EST 
We should store credentials in a more secure way.
Comment 1 Szymon Brandys CLA 2011-01-24 06:53:13 EST 
Fixed.
Comment 2 John Arthorne CLA 2011-01-24 16:25:01 EST 
This doesn't work on 64-bit windows or Linux because there is no password provider. orion.eclipse.org is a Linux machine so it means authentication won't work on that server.

Equinox secure storage provides a default password provider, however it is defined in org.eclipse.equinox.security.ui, which obviously has UI dependencies and is not appropriate for the server. I think we will need to add a PasswordProvider that obtains the password from a system property, so that we have a solution that works on all platforms (this could maybe be contributed back to equinox in the future, but we need something for M5).
Comment 3 John Arthorne CLA 2011-01-24 16:26:04 EST 
This is the error I get attempting to run the server on 64-bit windows:

org.eclipse.equinox.security.storage.StorageException: No secure storage modules found.
	at org.eclipse.equinox.internal.security.storage.PasswordProviderSelector.findStorageModule(PasswordProviderSelector.java:190)
	at org.eclipse.equinox.internal.security.storage.SecurePreferencesRoot.getModulePassword(SecurePreferencesRoot.java:231)
	at org.eclipse.equinox.internal.security.storage.SecurePreferencesRoot.getPassword(SecurePreferencesRoot.java:224)
	at org.eclipse.equinox.internal.security.storage.SecurePreferences.put(SecurePreferences.java:224)
	at org.eclipse.equinox.internal.security.storage.SecurePreferencesWrapper.put(SecurePreferencesWrapper.java:110)
	at org.eclipse.orion.internal.server.user.securestorage.SecureStorageUserAdmin.internalCreateOrUpdateUser(SecureStorageUserAdmin.java:138)
	at org.eclipse.orion.internal.server.user.securestorage.SecureStorageUserAdmin.createUser(SecureStorageUserAdmin.java:110)
	at org.eclipse.orion.server.useradmin.servlets.UserServlet.createUser(UserServlet.java:112)
	at org.eclipse.orion.server.useradmin.servlets.UserServlet.doPost(UserServlet.java:83)
Comment 4 John Arthorne CLA 2011-01-24 16:41:28 EST 
This was blocking me from further testing so I released a password provider that consults a system property.
Comment 5 Marco Descher CLA 2016-03-23 06:17:00 EDT 
@John Could you please point to the location? I am currently setting up a server on 64bit linux and face the same problem you seem to have solved!