Managing Credentials
It is possible to define server wide credentials that can help configure generic accounts. Such accounts can be used by any Squore user in order to connect to repository connectors, data providers and such third party tools.
These credentials are stored on disk and can be encrypted. If defined, Squore Server automatically uses them to connect to the corresponding tools.
Credentials and master key are stored in respective files, credentials.xml and credentialsSecurity.xml, located in folder:
-
Linux: $HOME/.squore
-
Windows: %USERPROFILE%\.squore
|
Before going further, make sure you have downloaded Squore Agent on the machine hosting Squore Server. |
Saving credentials
To store credentials, simply execute the following command and provide the prompted information:
java -jar squore-agent.jar --save-credentialsWhere:
-
Server Id, is the server URL for which to save the password or token. It can be Squore’s URL, SCM’s or any other tool’s.
-
Login, is the username for which to save the password or token. (Optional in case of a token).
-
Token, is the user token (Authentication and Security).
-
Password, is the user password.
The credentials.xml file looks as follows:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<credentials version="1.0">
<server>
<id>http://localhost:8180</id>
<credential>
<login>demo</login>
<token>eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOjIsImlhd[...]</token>
<password>demo</password>
</credential>
</server>
...
</credentials>|
The encryption confirmation prompt can be bypassed by using the --ignore-master-key option in the command line, as follows: |
|
The interactive prompt can be bypassed by directly providing the information in the command line, as follows: |
|
If you want to clear the credentials, simply remove the file $HOME/.squore/credentials.xml on Linux or %USERPROFILE%\.squore\credentials.xml on Windows. |
Encrypting credentials
It is possible to define a master key in order to encrypt the credentials defined in the credentials.xml file.
To define the master key, simply execute the following command and provide the prompted information:
java -jar squore-agent.jar --encrypt-master-keyWhere:
-
Master key, is the passphrase/password that will be used to encrypt the credentials.
The file credentialsSecurity.xml will be generated containing the encrypted master key:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<credentialsSecurity>
<masterKey>{t/+kctF9r6gHitDsnLrWWQcxmGESPbuISPnnJsTNqZ8=}</masterKey>
</credentialsSecurity>Then, any credentials added using Squore Agent will be encrypted in the credentials.xml file:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<credentials version="1.0">
<server>
<id>http://localhost:8180/</id>
<credential>
<login>demo</login>
<token>eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOjIsImlhd[...]</token>
<password>demo</password>
</credential>
</server>
<server>
<id>http://svn/server/url/project/trunk/</id>
<credential>
<login>username</login>
<password>{JaUtuyMkEBcHvJRqj7a2c5V4Mv8gVPPrlgCLmpaGhoE=}</password>
</credential>
</server>
...
</credentials>|
The interactive prompt can be bypassed by directly providing the information in the command line, as follows: |
|
If you want to clear the master key, simply remove the file $HOME/.squore/credentialsSecurity.xml on Linux or %USERPROFILE%\.squore\credentialsSecurity.xml on Windows. |
Migrating old credentials format
Old credentials format stored in file .squorerc, can be migrated to the new credentials.xml format.
Just execute the following command:
java -jar squore-agent.jar http://localhost:8180 --migrate-legacy-data|
If the credentials already exists in the credentials.xml file, they will not be replaced. |