Detect If Push Destination Requires Authorization
Jensen, Aaron
ajensen at webmd.net
Mon Jul 14 20:47:07 UTC 2014
> > > > Is there a way to detect if the server I'm pushing to is going to
> > > > require authorization?
> > > I think the way I would approach this would be to make the command
> > > fail outright if authentication is required and insufficient auth data
> > > is configured. This removes the stall and gives some feedback on
> > > what's going wrong. I think you used to be able to do this with
> > > --noninteractive but I'm not sure it's still the case.
> > Unfortunately, using `--noninteractive` also means the user won't get
> > prompted to enter their password. We have a corporate IT policy which
> > prohibits us from storing our passwords in plaintext on the file
> > system. **Is there a way to securely store a password in a
> > mercurial.ini file?**
> >
> > I suppose I could attempt a push with `--noninteractive` and if I get an 'abort: http authorization required' message, then prompt for the necessary credentials.
> If you enable the mercurial_keyring extension, any time you get prompted for
> and enter a password, it gets stored in the Windows crypto subsystem so you
> don't get prompted again (unless the password changes, in which case it
> forgets the old password). mercurial_keyring requires for the username to be
> correctly configured under [auth] for the given URL, else it will not try to store
> the PW.
Thanks. This is the solution I'll use. We'll get everyone's username embedded in their mercurial.ini file and use the mercurial_keyring extension to manage passwords. We use TortoiseHg, which comes with that extension. (Thanks, any TortoiseHg folks lurking out there!)
More information about the Mercurial
mailing list