Trac login, deliberate annonymous/authenticated login
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
bug-repo-syncer |
Fix Released
|
High
|
Eike |
Bug Description
Remove all URL printing from the login method, passwords are still revealed in the error messages from the XMLRPC library. This will also simplify the method.
* Remove all code that removes passwords from URLs
* Remove printing of URLs and XMLRPC errors (keep it but commented out).
* Use same wording like Launchpad login:
* Look up good wording.
Mostly resolved:
The Trac controller does currently fall back to anonymous login when the password fails. It is also impossible to deliberately login anonymously, you enter a bogus password to login anonymously.
* Wrong passwords are not reported when the program logs into Trac, instead it fails later.
* Anonymous login takes a long time because the program tries to log in authenticated first.
* The login method writes a lot of unnecessary output, and it is also complicated because it needs to remove the password from the login URL.
Therefore implement a way to login anonymously, and fail in the login method when the password is wrong.
Changed in bug-repo-syncer: | |
importance: | Undecided → Medium |
assignee: | nobody → Eike (eike-welk) |
milestone: | none → 0.1.0 |
Changed in bug-repo-syncer: | |
status: | New → In Progress |
Changed in bug-repo-syncer: | |
importance: | Medium → High |
description: | updated |
Changed in bug-repo-syncer: | |
status: | In Progress → Fix Released |
description: | updated |