It's all about the answers!

Ask a question

How to cache password/authentication when using plainJava API

Dave Sinclair (21179) | asked Apr 24 '13, 1:28 p.m.
edited Apr 24 '13, 1:30 p.m.
I have written some plainJava API utilities to allow my department to use a CLI to create, modify and update workitems.  A user might want to add the same comment or tag to multiple work items, however at present the utilities I have written require the user to enter password,userid etc each time the utility is invoked.  Eg:

rtcwi -add 1234 -comments "this is just a dummy comment" -userid -password xxxx -repository
rtcwi -add 1235 -comments "this is just a dummy comment" -userid -password xxxx -repository
rtcwi -add 1236 -comments "this is just a dummy comment" -userid -password xxxx -repository
rtcwi -add 1237 -comments "this is just a dummy comment" -userid -password xxxx -repository

where rtcwi is the utility for adding comments to the work item (1234, 1235 etc).   If the user runs this sequence, then each time that rtcwi is invoked, the utility has to do a Team Startup and login to RTC and then do the work and then logout and do a Team Shutdown.

Is there any way to cache the authentication tokens for RTC so that if a user runs something like rtcwi mulitple times from the same host login session say, you don't have to repeat the timeconsuming login process?  I guess lscm does this - is there any example code around to help me copy that method?
many thanks.  Dave Sinclair

2 answers

permanent link
Guido Schneider (3.4k1485115) | answered Apr 25 '13, 9:07 a.m.

We do it similar to the Build Engine JBE.

We have a special command "-createpwd -filename=file" in our JazzCLI tools, which creates an encrypted password file. And for all other command we have a "-pwdfile=filename" parameter where we can reference the password file. As a special security we do only allow to use the password file on the same machine (hardware-id) where it was generated.

The session is recreated each time we call the command. But because we need this mainly in scheduled jobs, this is not relevant for us.

permanent link
Tim Mok (6.6k38) | answered Apr 24 '13, 1:54 p.m.
lscm keeps a daemon running that caches the username and password so it can retrieve the connection that was opened in a previous call. I don't believe that the daemon is available for public use so you would have to implement your own way of caching the credentials.

Your answer

Register or to post your answer.