[PATCH] http auth user & password lookup
Brad Schick
schickb at gmail.com
Thu Aug 23 18:13:46 CDT 2007
Brad Schick wrote:
> Alexis S. L. Carvalho wrote:
>
>> Thus spake Brad Schick:
>>
>>
>>> # HG changeset patch
>>> # User Brad Schick <schickb at gmail.com>
>>> # Date 1187211013 25200
>>> # Node ID 37b01c92a63ca144a15f728be8712c8a2488a2a2
>>> # Parent dc38a08557bc34493221683453d14717da0b82e2
>>> added user & password lookup from [http_auth] config section
>>>
>>> For secure systems, this lets people store user and optional
>>> password values for http auth realms. The format is:
>>>
>>> [http_auth]
>>> realm = user:pass
>>> * = user:pass
>>>
>>> A realm name of '*' is an optional default used when no
>>> matching realm name is found.
>>>
>>>
>> We also want to store and check the URI (or at least the host name), no?
>>
>>
>>
> I considered that. It would disambiguate all cases, but I think for many
> instances the realm is enough. Maybe an optional uri? Any suggestions
> for how to add that. Could be something like:
>
> realm[@uri] = user[:pass]
>
>
Any feedback on this? I think it would help other users if I can get
this patch to an acceptable state. Its currently a pretty big hassle
doing remote work over http if auth is in place (or fairly insecure due
to displaying of passwords) .
-Brad
More information about the Mercurial-devel
mailing list