[p4] long ticket expiration
Mark Allender
marka at Volition-inc.com
Tue Jan 9 09:19:35 PST 2007
> On 1/8/07, Mark Allender <marka at volition-inc.com> wrote:
> > IMHO, it would be nice to have a "fall-through" the
> auth-check to go to
> > normal Perforce passwords if the auth-check fails in some way.
>
> The reason for choosing the LDAP integration is that normal
> Perforce passwords are insecure. If you want to favor convenience
> over security don't use auth-check in the first place.
Sure, but this requires that you create domain logins for "build" users (or
other automated processes). Not hard to do, but it seems somewhat backwards
to have to create a domain user for something that will never log into a
machine on the domain.
And for automated build users, you either have long ticket timeouts, the
password is encoded in a script somewhere, or you have no password. Most of
those are insecure anyway.
More information about the perforce-user
mailing list