Some plugins installation failed after new SSH plugin is installed

Issue #867 new
created an issue

On previously mentioned site:

new version of ssh plugin is released. Few improvements are listed.

We are using 1.49 version of scm-manager, and above plugin is incompatible with most of the plugins from scm-plugin repository. As example, if scm-mail-plugin is installed and you try to install ssh plugin 2.0.0, scm-server will not start any more. Recovery is to delete plugins dir, and reinstall all plugins you want.

Proven as not working with scm-ssh-plugin 2.0.0. are: scm-mail-plugin scm-fork-plugin scm-userrepo-plugin

Some just want install, some will broke server completely.

Tested on: ubuntu 12.04 openjdk 7 oraclejdk 7

ubuntu 16.05 openjdk7 oraclejdk 7 and 8

Any help possible here?

Comments (3)

  1. Sebastian Marsching

    I am the author of the SSH plugin. We are not using any of the mentioned plugins, so I cannot say much about compatibility with these plugins.

    In order to do its work, the SSH plugin has to use non-public APIs and duplicate some of the functionality (regarding authentication) of the SCM Manager core. The main reason for this is that parts of SCM Manager expect certain actions to happen with the context of a HTTP request, but when using SSH there obviously is no HTTP request. The other reason is that the authentication infrastructure expects a password and with public key authentication there is no password.

    This means, that the SSH plugin directly accesses SCM Managers's internal user database for authentication and that code handling Git requests is called without having a HTTP request context. The first means that most authentication plugins will not work with the SSH plugin because they are simply bypassed. The second means that plugins that plug into operations on the repository and expect certain objects to be present in the context will fail.

    Unfortunately, there is no way for me to get rid of these restrictions without a major overhaul of SCM Manager's plugin API, involving changes of most plugins so that they do not longer expect that authentication happens with a password and actions happen within the context of an HTTP request.

  2. Log in to comment