Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 356950

Summary: Allow eclipse config style variables in the -eclipse.keyring command line argument
Product: [Eclipse Project] Equinox Reporter: Chris Austin <ChrisAustin>
Component: SecurityAssignee: Thomas Watson <tjwatson>
Status: RESOLVED FIXED QA Contact:
Severity: enhancement    
Priority: P3 CC: daniel_megert, tjwatson
Version: 3.7   
Target Milestone: Juno M7   
Hardware: PC   
OS: Windows 7   
Whiteboard:
Attachments:
Description Flags
Proposed fix
none
Fix version 2. tjwatson: iplog+

Description Chris Austin CLA 2011-09-07 11:06:02 EDT
Currently, the eclipse.keyring argument does not allow for any special configuration variables, like the user home, workspace, or configuration directories.  In the case of a webapp, a relative path to the working directory is not enough to manage the secure store, because different web servers will have varied directory structures.
Comment 1 Chris Austin CLA 2011-09-07 12:57:23 EDT
Created attachment 202918 [details]
Proposed fix

I have a patch (but I confess I have yet to work in Git so this is all based off of CVS HEAD).

This patch allows for @user.home and @config.dir to be used at the start of the -eclipse.keyring path argument.
Comment 2 Thomas Watson CLA 2011-09-09 17:16:39 EDT
For user.home could you just use -eclipse.keyring=~/MyKeyRingFile.  I don't recall if ~ will work on all OSes with Java.

I'm not sure if using a keyring relative to the configuration area is logical because the keyring should be associated with a particular user.
Comment 3 Chris Austin CLA 2011-09-12 10:16:47 EDT
(In reply to comment #2)
> For user.home could you just use -eclipse.keyring=~/MyKeyRingFile.  I don't
> recall if ~ will work on all OSes with Java.

Unfortunately we will need this to be platform independent.  Is there documentation on this ~ syntax somewhere?

> I'm not sure if using a keyring relative to the configuration area is logical
> because the keyring should be associated with a particular user.

Yes, I suppose that makes sense.  I can modify the patch to remove @config.dir - having the user home variable would be sufficient.
Comment 4 Thomas Watson CLA 2011-09-12 11:43:41 EDT
(In reply to comment #3)
> (In reply to comment #2)
> > For user.home could you just use -eclipse.keyring=~/MyKeyRingFile.  I don't
> > recall if ~ will work on all OSes with Java.
> 
> Unfortunately we will need this to be platform independent.  Is there
> documentation on this ~ syntax somewhere?

Sorry for the misdirection.  This option will not work on Java.  I think the ~ support is supplied by the shell not the file system itself so when you use ~ for in a file name it gets used as is.

> 
> > I'm not sure if using a keyring relative to the configuration area is logical
> > because the keyring should be associated with a particular user.
> 
> Yes, I suppose that makes sense.  I can modify the patch to remove @config.dir
> - having the user home variable would be sufficient.

I think this would be good.  No need to add more function unless it is required and makes sense.
Comment 5 Chris Austin CLA 2011-09-12 15:33:39 EDT
Created attachment 203184 [details]
Fix version 2.

Removed the @config.dir variable option
Comment 6 Dani Megert CLA 2012-04-24 10:14:00 EDT
Tom, can you take a look at the patch and decide whether we can do this for Juno?
Comment 7 Thomas Watson CLA 2012-04-24 10:17:55 EDT
Looking at the patch to apply for Juno M7.
Comment 8 Thomas Watson CLA 2012-04-24 10:42:58 EDT
I released a slightly modified patch to use the constructor File(String,String) instead.  Thanks Chris.
Comment 9 Thomas Watson CLA 2012-04-24 10:43:27 EDT
Comment on attachment 203184 [details]
Fix version 2.

Modified patch released as commit:

http://git.eclipse.org/c/equinox/rt.equinox.bundles.git/commit/?id=f3110a4c2281782a42a9da31a51185de3d760b76