Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 401356

Summary: Discard stored client auth info on 403
Product: [ECD] Orion Reporter: John Arthorne <john.arthorne>
Component: ClientAssignee: Maciej Bendkowski <maciej.bendkowski>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P3 CC: simon_kaegi, Szymon.Brandys
Version: unspecified   
Target Milestone: 6.0 M1   
Hardware: PC   
OS: Windows 7   
Whiteboard:

Description John Arthorne CLA 2013-02-20 14:29:44 EST 
2.0 RC2

It looks like when we have an authentication failure, we are not discarding our client side auth info cache. On failure we should discard this information.  Here are the steps I used to test it:

1) Cloned a repository from GitHub
2) Enabled Storage from user profile page
3) Clicked "Fetch" in Repository page. Entered key and selected "Don't ask again"
4) Went to GitHub.com, and removed the ssh key from my account
5) Back in Orion, clicked "Fetch" again. I am prompted for password. So far so good. Cancel the fetch.
6) Back at github.com, add the ssh key back to my profile
7) Back in Orion, click Fetch again. I am *not* prompted for password and the fetch succeeded. 

I expect that this "bad" auth info should have been discarded during step 5), and I should have to enter it again in step 7).
Comment 1 Szymon Brandys CLA 2013-02-21 10:23:40 EST 
I will let Maciek to fix that. He is back first week of March.
Comment 2 Szymon Brandys CLA 2014-04-28 06:40:35 EDT 
Maciek, I found this bug with old target milestone. Was that fixed? If not, could you take care of it.
Comment 3 Maciej Bendkowski CLA 2014-04-29 06:03:44 EDT 
The problem's still reproducible.