Github user Graeme-Miller commented on the issue:
https://github.com/apache/brooklyn-client/pull/42
Just want to chime in with a different opinion. I think we should merge as
is, and not implement the functionality to allow users to switch between
multiple hosts.
For me, it is a question of ease of use vs security. I am uncomfortable
caching any passwords locally as it is insecure- but I can see why it is
necessary. Caching multiple passwords doesn't seem necessary to me and makes
the solution much less secure (we never clean up the passwords, so we store a
list of passwords for all hosts ever visited).
Also, I feel like it violates the principle of least astonishment. I was
quite surprised when I checked the local cache and there was a list of
passwords in there. Including a password that was not a brooklyn password that
I must have entered in error. I think that users would be surprised by the
behaviour of the CLI to cache all passwords entered.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
