Encrypt ccnet.config TFS login details.

Question

Hi guys,

I have a ccnet.config file which uses my login details to a tfs server.

Here is a example:

<sourcecontrol type="vsts" autoGetSource="true" applyLabel="false">        
    <server>http://TFSSERVER&lt;/server&gt;
    <username>USERNAME</username>
    <password>PASSWORD</password>
    <domain>DOMAIN</domain>        
    <project>$/project1</project>
    <workingDirectory>C:\build\latest\Project1</workingDirectory>
    <cleanCopy>true</cleanCopy>
    <workspace>Project1CC</workspace>
    <deleteWorkspace>false</deleteWorkspace>
  </sourcecontrol>

The problem is that the USERNAME and PASSWORD are stored as plain text which is a real problem on a machine accessible by anyone working in the company.

Is there a way I can encrypt the details in some way?

Answer 1

Assuming TFS supports integrated Windows authentication, you could set up a dedicated domain account for the cc.net server. That way, you shouldn't need to specify logon details.

Answer 2

Ok well in the end i found a workaround. If you leave the username and password details out of the config file the CC connects to TFS using the windows account it is currently running under. So all i had to do was change the service login user to my own account and it worked fine.