On Wednesday, February 13, 2013 3:34:42 PM UTC-5, Andy Levy wrote: > > > > On Wed, Feb 13, 2013 at 8:39 AM, Dan Winsor <[email protected]<javascript:> > > wrote: > >> As an aside, provided what I'm asking above can't be done, I found this >> powershell snippet which will log me in first: >> >> $ie = New-Object -com internetexplorer.application; >> $url = "<DashboardURL>/SimpleUserLogin.aspx" >> >> $ie.visible = $false; >> $ie.navigate($url); >> while ($ie.Busy -eq $true) >> { >> Start-Sleep -Milliseconds 1000; >> } >> $ie.Document.getElementById("userName").value = "<username>" >> $ie.Document.getElementById("password").value = "<password>" >> $btn = $ie.Document.getElementsByTagName("input") | ? {$_.type -eq >> "submit"} >> $btn.click() >> >> while ($ie.Busy -eq $true) >> { >> Start-Sleep -Milliseconds 1000; >> } >> >> Then you navigate to your URL to force the build. Still thanks in >> advance if anyone can give me a shorter way. >> >> > Passing credentials in a URL is a major security concern. Those > credentials will be recorded in the IIS logs, visible to anyone who has > access to them. > > Sorry, I should've clarified - all internal and security isn't the issue. I own the build machine, IIS, etc. The only reason I implemented security at all was, as an example, I'd be in the middle of something and a developer would get impatient that his CI build hadn't kicked off yet, so he'd Force it. Most of the developers even know the build user's username and password.
> > Your method using the form is better, as it's no longer passed in the > querystring (and thus not logged, at least not by default) but you're still > passing credentials over the wire in the clear (not to mention the ID & > password being stored in the script in the clear). > > Fair enough. > > Do current versions of CCNet & Dashboard fully support Integrated > Authentication? If so, could you enable that, and then run your script (and > thus the IE instance) under a domain account which has the appropriate > permissions? that would sidestep having to pass credentials through IE > entirely. > > Ugh, yeah, I want to purposely stay *out* of our corporate domain due to the overhead and permissions issues (otherwise I'd just fold under and use TFS build). But yes, that would be the best solution. Thanks for the thoughts. -- --- You received this message because you are subscribed to the Google Groups "ccnet-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
