[p4] Triggers and best practice authentication from scripts

David Weintraub qazwart at gmail.com
Wed Nov 29 13:24:50 PST 2006


>  >> Security level?
> Not sure - just read up on the concept now.  It's either 2 or 3, but I
> can check tomorrow.

On Security Level #3, you cannot use password based security (that is
set P4PASSWD or use -P <Password>). You must use tickets (via "p4
login"). That could be the problem you're having with the "p4 -u
myuser -P mypasswd somecommand" format.

Also, "p4 login" doesn't normally take the userID (unless you're super
user), and then I believe it only creates a ticket for that user to
access. Otherwise, it uses whatever is set in the P4CONFIG file or
whatever P4USER is set to.

The best way to configure Perforce is to use the P4CONFIG file. You
set P4CONFIG to point to a file that sets P4USER, P4PORT, P4CLIENT,
etc. The nice thing about this mechanism is that if you set P4CONFIG
to a file name without any directory, Perforce will search for the
P4CONFIG file by going up the file tree. That means if you put a
P4CONFIG file in the root of your view, your Perforce environment is
set by just changing into the directory sub-tree.

That way, each Perforce working directory can have its own user,
client, and even server it is suppose to be connected to.

By the way, triggers are executed in the environment "p4d' started in.
I created a special group just for the user who runs p4d on our
server, then set that group's timeout to "99999999". That way, I don't
have to worry about logging in for my p4d server user.

On 11/29/06, Finn Normann Pedersen <merenpha at gmail.com> wrote:
> Hi Mark,
>
>  >> Security level?
> Not sure - just read up on the concept now.  It's either 2 or 3, but I
> can check tomorrow.
>
> However, I think we found a nice solution, which is quite by-the-book.
> Just rewriting all our scripts to utilize tickets. The "trick" (which it
> really isn't) is to move the ticket to the user's personal area
> irregardless of what workstation or build-server he is accessing P4 from.
>
> Cheers,
>    Finn
>
>
> Elkins, Mark wrote:
> > What security level are you using for p4d?
> >
> > Mark Elkins
> >
> > -----Original Message-----
> > From: perforce-user-bounces at perforce.com
> > [mailto:perforce-user-bounces at perforce.com] On Behalf Of Finn Normann
> > Pedersen
> > Sent: November 29, 2006 4:14 AM
> > To: perforce-user at perforce.com
> > Subject: [p4] Triggers and best practice authentication from scripts
> >
> > Hi,
> >
> > I have an authentication trigger (auth-check) on our server up against
> > our active directory/LDAP server, but I am wondering how you'd best
> > have scripts authenticate themselves.
> >
> > I am wondering if the trigger authentication works for all forms of
> > authentication.
> >
> > p4 set p4user=myuser
> > p4 login      (supply mypasswd)
> >
> > Works fine.
> >
> > But
> >
> > p4 -u myuser -P mypasswd somecommand
> >
> > Does not work?
> >
> > Also if the P4USER variable is set, the command "p4 login myuser"
> > ignores the argument "myuser".
> >
> > Does anyone have any best practice on using authentication triggers?
> >
> > Cheers,
> >   Finn
> > _______________________________________________
> > perforce-user mailing list  -  perforce-user at perforce.com
> > http://maillist.perforce.com/mailman/listinfo/perforce-user
> >
> >
> _______________________________________________
> perforce-user mailing list  -  perforce-user at perforce.com
> http://maillist.perforce.com/mailman/listinfo/perforce-user
>


-- 
--
David Weintraub
qazwart at gmail.com



More information about the perforce-user mailing list