Detect If Push Destination Requires Authorization

Jensen, Aaron ajensen at webmd.net
Mon Jul 14 20:47:07 UTC 2014


> > > > Is there a way to detect if the server I'm pushing to is going to 
> > > > require authorization?

> > > I think the way I would approach this would be to make the command 
> > > fail outright if authentication is required and insufficient auth data 
> > > is configured.  This removes the stall and gives some feedback on 
> > > what's going wrong.  I think you used to be able to do this with 
> > > --noninteractive but I'm not sure it's still the case.

> > Unfortunately, using `--noninteractive` also means the user won't get 
> > prompted to enter their password. We have a corporate IT policy which 
> > prohibits us from storing our passwords in plaintext on the file 
> > system. **Is there a way to securely store a password in a 
> > mercurial.ini file?**
> > 
> > I suppose I could attempt a push with `--noninteractive` and if I get an 'abort: http authorization required' message, then prompt for the necessary credentials.

> If you enable the mercurial_keyring extension, any time you get prompted for
> and enter a password, it gets stored in the Windows crypto subsystem so you 
> don't get prompted again (unless the password changes, in which case it 
> forgets the old password).  mercurial_keyring requires for the username to be 
> correctly configured under [auth] for the given URL, else it will not try to store 
> the PW.

Thanks. This is the solution I'll use. We'll get everyone's username embedded in their mercurial.ini file and use the mercurial_keyring extension to manage passwords. We use TortoiseHg, which comes with that extension. (Thanks, any TortoiseHg folks lurking out there!)



More information about the Mercurial mailing list