[Qgis-user] Authentication Manager master password protection
Alessandro Pasotti
apasotti at gmail.com
Tue Apr 13 14:09:59 PDT 2021
On Tue, Apr 13, 2021 at 8:26 PM Frank Broniewski
<hallo at frankbroniewski.com> wrote:
>
> Hello all,
>
> I am looking for a more protective setting for the authentication manager.
>
> Currently, as far as I understand, the master password for the authentication
> manager is requested once per QGIS session and is never requested again while
> QGIS remains open.
>
> Is there a way to change this behaviour? Ideally there would be a setting that
> the master password is always requested when accessing an authentication entry
> in the manager. Or is there some kind of time-out as a setting that I can
> activate - just like on a banking website, where your session is cancelled
> after a certain time period of inactivity?
>
> Does something like this exist? My initial research did not reveal anything in
> that regards. Or can I maybe use the Python API to achieve something in that
> regard?
>
> Many thanks for any hints,
> Frank
>
Hi Frank,
this functionality does not exist, but I think it can be done with a
python plugin.
The authentication manager API is on purpose not complete: we didn't
want a malicious python plugin to be able to access and disclose the
credentials, however many functionality are exposed, I didn't check if
all you need is actually available in the API but my gut feeling is
that it is.
It might be tricky to define the inactivity period though, web
services typically use temporary connections and they may require to
retrieve the credentials after some time when further data is
requested from the server.
Kind regards.
--
Alessandro Pasotti
QCooperative: www.qcooperative.net
ItOpen: www.itopen.it
More information about the Qgis-user
mailing list