Trac login, deliberate annonymous/authenticated login
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| bug-repo-syncer |
Fix Released
|
High
|
Eike | ||
Bug Description
Remove all URL printing from the login method, passwords are still revealed in the error messages from the XMLRPC library. This will also simplify the method.
* Remove all code that removes passwords from URLs
* Remove printing of URLs and XMLRPC errors (keep it but commented out).
* Use same wording like Launchpad login:
* Look up good wording.
Mostly resolved:
The Trac controller does currently fall back to anonymous login when the password fails. It is also impossible to deliberately login anonymously, you enter a bogus password to login anonymously.
* Wrong passwords are not reported when the program logs into Trac, instead it fails later.
* Anonymous login takes a long time because the program tries to log in authenticated first.
* The login method writes a lot of unnecessary output, and it is also complicated because it needs to remove the password from the login URL.
Therefore implement a way to login anonymously, and fail in the login method when the password is wrong.
| Changed in bug-repo-syncer: | |
| importance: | Undecided → Medium |
| assignee: | nobody → Eike (eike-welk) |
| milestone: | none → 0.1.0 |
| Changed in bug-repo-syncer: | |
| status: | New → In Progress |
| Changed in bug-repo-syncer: | |
| importance: | Medium → High |
| description: | updated |
| Changed in bug-repo-syncer: | |
| status: | In Progress → Fix Released |
| description: | updated |
