Jump to content


P4Python how to find if the user needs to login?


  • Please log in to reply
6 replies to this topic

#1 ewerybody

ewerybody

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 08 May 2019 - 03:00 PM

short: I could try to catch something like:
P4Exception: [P4#run] Errors during command execution( "p4 dirs //asfasdfa/fasdfasdf/*" )

[Error]: 'Your session has expired, please login again.'

But is there a better way? I found no indicator whatsoever that gives a hint on If the user needs login or not.

long: Usually in our network no one needs to explicitly login.
We have some autologin enabled and all p4 actions just work out of the box (within the specific restrictions and set up views of the users of course)

But there are a handful of users that need to login EACH time they want to connect to p4 via p4v or anything like P4Python for instance.

On my machine I actually have NO idea how to reproduce this situation. I'd like to put myself in the same perspective to be able to fix it for the users but each time I do
p4 logout
I can do whatever anyway. I'm never really logged out.

We "could" of course see that we re-enable autologin for these users but thats not solving the problem for future users.
In fact its super easy to prompt the user for a password. I just need to know If I need to! :)
any ideas? Please?

#2 Sambwise

Sambwise

    Advanced Member

  • Members
  • PipPipPip
  • 889 posts

Posted 08 May 2019 - 04:07 PM

Quote

We have some autologin enabled

Could you expand on that?

Are you sure that you have a password set?  If you don't have a password set, you can run commands without logging in (also, anyone else can run commands as you without logging in).

#3 ewerybody

ewerybody

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 08 May 2019 - 04:36 PM

Yes I have a password set!
On a users machine that needed login we could log in via P4Python and then it seemed global. P4V didn't need login after that.

#4 Sambwise

Sambwise

    Advanced Member

  • Members
  • PipPipPip
  • 889 posts

Posted 08 May 2019 - 05:18 PM

Maybe on your machine you have the password set via P4PASSWD rather than a login ticket?  Run "p4 set P4PASSWD" to see what it's set to (and how).  Note that persistently setting your password via P4PASSWD is considered insecure since anyone who gains access to your machine can easily read it from the environment and then impersonate you from any other machine in the future!

If P4PASSWD was set via "p4 set" you can unset it with "p4 set P4PASSWD="; if it's set in some other location (e.g. config file or system env vars) you'll have to clear it in that location.  This will put you in the situation of a user who authenticates via login tickets (which is the standard/secure method).

The standard way to check the current login ticket status is "p4 login -s".

#5 ewerybody

ewerybody

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 08 May 2019 - 05:28 PM

p4 set P4PASSWD
as well as
p4.password
give me some hash value.
And I also get that value when I just enter my pw. So there is security built-in already I guess.
However that's really not any of my concerns.

p4 login -s
Oh whow! THANK YOU! That should do it! :wub:

#6 Sambwise

Sambwise

    Advanced Member

  • Members
  • PipPipPip
  • 889 posts

Posted 08 May 2019 - 05:43 PM

View Postewerybody, on 08 May 2019 - 05:28 PM, said:

p4 set P4PASSWD
as well as
p4.password
give me some hash value.
And I also get that value when I just enter my pw. So there is security built-in already I guess.

Just FWIW, it's not good security -- the hash is a fairly ordinary MD5 hash of your plaintext password, and it is neither tied to your client host nor time-limited, so if someone copies and pastes that, they can use it to login as you from anywhere.  Its only security advantage over a plaintext password is that it's harder to memorize at a glance.

If you're in an environment where your client machine is pretty well locked down and/or you completely trust everyone who might gain access to it, it's not really a big deal, but it's good to be aware how these things work, especially if you're writing tools that will be used by other people.  :)

#7 ewerybody

ewerybody

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 09 May 2019 - 08:19 AM

Dang! It's really just straight md5 hexdigest of the pw! :o

But yeah: We are in such an environment!
Thanks a bunch for the enlighenment!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users