It's all about the answers!

Ask a question

How to get the current user's Password?


pugazhenthi samidurai (26423742) | asked Dec 12 '12, 4:56 a.m.
edited Dec 12 '12, 7:21 a.m.
Hi,

i am using lscm command in RTC client plugin using java.

its require to login  using lscm login command.

Since i want to get current user's password for this process.

is it possible in rtc java client?.

Please advice on this.

Regards,

Pugazh S

2 answers



permanent link
Shashikant Padur (4.0k27) | answered Dec 13 '12, 10:37 p.m.
JAZZ DEVELOPER
There is no way to retrieve the user password from any RTC Client. If you have forgotten your password, you need to contact your administrator to reset your password.



Comments
pugazhenthi samidurai commented Dec 14 '12, 12:29 a.m.

Hi Shashikant,

Thank you for your response.

Actually i am executing the following scm command in java client.

lscm login -r http://example.com/ -u username -P password


To execute this command i have retried repository uri and username from current repository. But i am unable to fetch the current logged in user password.




Shashikant Padur commented Dec 14 '12, 1:31 a.m.
JAZZ DEVELOPER

 Sorry, I do not understand the statement... "i am unable to fetch the current logged in user password"


I am assuming you are unable to login given the repository uri, username and password. What is the error that you are seeing? Are you able to login using the same credentials using the Eclipse client/Web client?


permanent link
Ralph Schoon (56.2k23642) | answered Dec 14 '12, 9:47 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
This might be relevant to you: https://jazz.net/forum/questions/96204/retrieve-username-and-password-of-the-current-modifier-of-wi

As far as I can tell, you have to provide the credentials using whatever way available (passwordfile, hard coded password). You can not - at least not by any jazz API retrieve the password for a user. I doubt even LDAP or Tomcat would allow that. It is just a serious security leak if anybody would deliberately allow this to happen.

So, you have to provide the username and the password when calling the operation.

This is effort, but there is no other mechanism. Some people hardcode passwords in scripts protected by read access restrictions to admins, use crypted password files to store them or use other crypted stores (which again need a password and a username) to retrieve some data.

For SCM/LSCM and build, RTC uses a technical user e.g. build, where the password is then stored in the build script, if that requires it or a password file or whatever. Users building delegate to the build system.

All artifacts the build needs, need to be public, otherwise the build will fail. If the build uses a repository workspace of a build user that is member of the team, it can access the public SCM data of other team members.
 

Your answer


Register or to post your answer.