Ticket #470 (new Task)

Opened 8 months ago

Last modified 8 months ago

BM: Save hostname/password pair for CCs in Manager's configuration file?

Reported by: fthomas Assigned to: romw
Priority: Minor Milestone: Undetermined
Component: Manager Version:
Keywords: Cc: fthomas

Description

When the core client has set a password for GUI RPCs and the Manager is not started in the client's data directory, the Manager complains that it cannot read the password from the gui_rpc_auth.xml file because it cannot find this file. To still connect to the local client, one needs to select localhost and type in the password at the "Select Computer" dialog. To control the client with a remote Manager, one always has to type in hostname and password at the "Select Computer" dialog.

It would have two advantages if the Manager would save the hostname/password pair entered at the "Select Computer" dialog in its config file. First the Manager would be able to connect to the local client although it wasn't started in the client's data directory and secondly the hostname/password input widgets could complete hostnames and preselect passwords. The only drawback of this proposal is that the passwords probably need to be saved in cleartext in the configuration file.

Change History

(in reply to: ↑ description ) 11/13/07 16:37:13 changed by Nicolas

It would have two advantages if the Manager would save the hostname/password pair entered at the "Select Computer" dialog in its config file.

At the user's choice. I'd suggest adding a "Remember this password" checkbox below the password text field. This also lets the user make the manager "forget" a password by selecting the hostname (at this point the manager would auto-fill password) and unchecking the box.

The only drawback of this proposal is that the passwords probably need to be saved in cleartext in the configuration file.

Correct. One-way encryption (hashing) can't be used, there is no way around that unfortunately. The authentication is done with a challenge-response system. Both RPC client and server (the RPC server is the core client; confusing!) need the password in plaintext at some point.

If this page is incomplete or incorrect, please edit it or add it to the wiki to-do list. To do this, you must be logged in; click Login or Register above.