Too many authentication pop-ups

[ewuerger]

When trying to do git things, the user is haunted by authentication. Users rarely use the credential store, since another password is required. The amount should be decreased, ideally to only once per model repository during session lifetime.

[MoritzWeber0]

We should have a look if EGit respects Git credential helpers. We should be able to use the cache credential helper then. I don't want to have passwords stored on the disk, this is a potential security risk.

[MoritzWeber0]

I've removed the security label because it is intended for security issues that require immediate attention.

[MoritzWeber0]

Unfortunately, EGit doesn't respect Git credential helpers.

There is an open bug / feature request in the Eclipse Bugzilla: https://bugs.eclipse.org/bugs/show_bug.cgi?id=441198
A possible workaround is the implementation of a custom CredentialsProvider: https://stackoverflow.com/questions/23173250/does-jgit-support-git-credentials

[MoritzWeber0]

I found a potential workaround:

• Create a file /home/techuser/.eclipse/master and write a randomly generated password to it.
• Add the following lines to the capella.ini:

   -eclipse.password
   /home/techuser/.eclipse/master
  

• Store the secure storage file in a tempfs directory (it's only stored in memory, not on the disk).
• Users will be able to use the "Storage in secure storage" checkbox. An additional password is no longer needed.
• After session termination, the password is no longer available. In the next session, the password has to be entered again.