Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 356950

Summary:

Allow eclipse config style variables in the -eclipse.keyring command line argument

Product:

[Eclipse Project] Equinox

Reporter:

Chris Austin <ChrisAustin>

Component:

Security

Assignee:

Thomas Watson <tjwatson>

Status:

RESOLVED FIXED

QA Contact:

Severity:

enhancement

Priority:

CC:

daniel_megert, tjwatson

Version:

3.7

Target Milestone:

Juno M7

Hardware:

OS:

Windows 7

Whiteboard:

Attachments:

Description	Flags
Proposed fix	none
Fix version 2.	tjwatson: iplog+

Description Chris Austin

2011-09-07 11:06:02 EDT

Currently, the eclipse.keyring argument does not allow for any special configuration variables, like the user home, workspace, or configuration directories.  In the case of a webapp, a relative path to the working directory is not enough to manage the secure store, because different web servers will have varied directory structures.

Comment 1 Chris Austin

2011-09-07 12:57:23 EDT

Created attachment 202918 [details]
Proposed fix

I have a patch (but I confess I have yet to work in Git so this is all based off of CVS HEAD).

This patch allows for @user.home and @config.dir to be used at the start of the -eclipse.keyring path argument.

Comment 2 Thomas Watson

2011-09-09 17:16:39 EDT

For user.home could you just use -eclipse.keyring=~/MyKeyRingFile.  I don't recall if ~ will work on all OSes with Java.

I'm not sure if using a keyring relative to the configuration area is logical because the keyring should be associated with a particular user.

Comment 3 Chris Austin

2011-09-12 10:16:47 EDT

(In reply to comment #2)
> For user.home could you just use -eclipse.keyring=~/MyKeyRingFile.  I don't
> recall if ~ will work on all OSes with Java.

Unfortunately we will need this to be platform independent.  Is there documentation on this ~ syntax somewhere?

> I'm not sure if using a keyring relative to the configuration area is logical
> because the keyring should be associated with a particular user.

Yes, I suppose that makes sense.  I can modify the patch to remove @config.dir - having the user home variable would be sufficient.

Comment 4 Thomas Watson

2011-09-12 11:43:41 EDT

(In reply to comment #3)
> (In reply to comment #2)
> > For user.home could you just use -eclipse.keyring=~/MyKeyRingFile.  I don't
> > recall if ~ will work on all OSes with Java.
> 
> Unfortunately we will need this to be platform independent.  Is there
> documentation on this ~ syntax somewhere?

Sorry for the misdirection.  This option will not work on Java.  I think the ~ support is supplied by the shell not the file system itself so when you use ~ for in a file name it gets used as is.

> 
> > I'm not sure if using a keyring relative to the configuration area is logical
> > because the keyring should be associated with a particular user.
> 
> Yes, I suppose that makes sense.  I can modify the patch to remove @config.dir
> - having the user home variable would be sufficient.

I think this would be good.  No need to add more function unless it is required and makes sense.

Comment 5 Chris Austin

2011-09-12 15:33:39 EDT

Created attachment 203184 [details]
Fix version 2.

Removed the @config.dir variable option

Comment 6 Dani Megert

2012-04-24 10:14:00 EDT

Tom, can you take a look at the patch and decide whether we can do this for Juno?

Comment 7 Thomas Watson

2012-04-24 10:17:55 EDT

Looking at the patch to apply for Juno M7.

Comment 8 Thomas Watson

2012-04-24 10:42:58 EDT

I released a slightly modified patch to use the constructor File(String,String) instead.  Thanks Chris.

Comment 9 Thomas Watson

2012-04-24 10:43:27 EDT

Comment on attachment 203184 [details]
Fix version 2.

Modified patch released as commit:

http://git.eclipse.org/c/equinox/rt.equinox.bundles.git/commit/?id=f3110a4c2281782a42a9da31a51185de3d760b76