Re: forcing a user@ into the URL if not present

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, Apr 30, 2015 at 04:14:12PM -0400, Dan Langille wrote:
> Would this question be better suited for another list?

Nope, this is the place to go.

> On Wed, Apr 22, 2015 at 4:06 PM, Dan Langille <dlangille@xxxxxxxxxxxxxx> wrote:
> > Hello,
> >
> > I'm using git 2.3.2 with Kerberos for authentication and gito-lite for
> > authorization.
> >
> > This works:
> >
> > $ git clone https://dvl@ repo.example.org/git/testing
> > Cloning into 'testing'...
> > warning: You appear to have cloned an empty repository.
> > Checking connectivity... done.
> >
> > My goal: have it work without supplying dvl@ as shown here:
> >
> > $ git clone https://repo.example.org/git/testing
> > Cloning into 'testing'...
> > Username for 'https://repo.example.org':
> >
> > I don't want to be prompted for a password.  I want Kerberos to kick in.
> >
> > Following http://git-scm.com/docs/gitcredentials, the following seems to
> > have nil effect.  Anyone used this feature already?
> >
> >   git config --global credential.https://repo.example.org.username dvl
> >
> > $ cat ~/.gitconfig
> > [credential "https://repo.example.org";]
> > username = dvl
> > [http]
> > sslCAInfo = /usr/local/etc/trusted-certificates.pem
> >
> > With the above, I still get prompted for a password
> >
> > Given my use of Kerberos for authorization, is this option feasible?

Not at the present time.  The only time that the credential API is
invoked is if it prompts for a password, and by that point you've fallen
back to Basic authentication.

> > Should I be taking a different approach?

If you want it to work only with Kerberos, then any username in the URL
is fine, as libcurl doesn't care.

One thing you could try is to make your URL https://git@xxxxxxxxxxxxxxxx
and then use

  git config --global credential.https://git@xxxxxxxxxxxxxxxx.username dvl

and see if it does the right thing for both Kerberos and Basic auth.  It
would be sort of a hack, but it might work.
-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

Attachment: signature.asc
Description: Digital signature

[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]