Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 451642

Summary:	[cf-launcher] Use a consistent auth mechanism
Product:	[ECD] Orion	Reporter:	Mark Macdonald <mamacdon>
Component:	Deployment	Assignee:	Mark Macdonald <mamacdon>
Status:	RESOLVED FIXED	QA Contact:
Severity:	normal
Priority:	P3
Version:	7.0
Target Milestone:	8.0
Hardware:	PC
OS:	Windows 7
Whiteboard:

Description Mark Macdonald

2014-11-14 17:56:47 EST

cf-launcher currently uses a mix of authentication strategies:

 (1). Digest auth on /launcher/dav
 (2). For everything else in /launcher, client-sessions [1]


(1) is required for compatibility with certain WebDAV clients, which only support Digest auth. (Some seem to support Basic too, although only against HTTPS hosts)

(2) is useful from a UX standpoint, because it lets the launcher have persistent logins without maintaining storage on the server. (In Cloud Foundry, persistent storage requires services, which increase the footprint and configuration complexity of cf-launcher).


However this is unfriendly for 3rd party access to the cf-launcher APIs. To use both file updates and lifecycle control, you would have to implement both auth mechanisms. (2) is especially inconvenient because the caller would have to duplicate the client-sessions logic to generate the same session cookie.

I will look at:

* Supporting Digest auth everywhere
* If Digest not provided, fallback to client-sessions (2)
* Support CF bearer token (? not sure about this)

[1] https://www.npmjs.org/package/client-sessions

Comment 1 Mark Macdonald

2014-12-04 13:51:48 EST

This has been published as cf-launcher@0.0.18

See commits
http://git.eclipse.org/c/orion/org.eclipse.orion.client.git/commit/?id=2fd19c5
http://git.eclipse.org/c/orion/org.eclipse.orion.client.git/commit/?id=5342a5f