One workaround here would be to move the update site to an unprotected but obscurely named folder, like
https://devstudio.jboss.com/updates/4.0-SDSDFHLIK23I487IDSFKLWDRUWREF12389DFILANSDD387AO8S7DAS4O8A7SDAKL7ELAW7483LA7
then rather than publish the URL, we give people a zip, like the one attached.
To get updates, they'd manually add the zip via Help > Install new software > Add > Archive > browse for the zip.
This would give them the URL of the site, but buried in a zip file we could put in the CSP. No typing, no passwords, etc.
Only drawback is that the /updates/4.0/ URL would therefore be empty.
In future, we could look at a plugin in JBDS that could somehow resolve credentials from the CSP and use that to get a per-user update site URL which they could use.
Similar to the contents of the zip, we would GENERATE a folder like http://access.redhat.com/whatever/something/something/nboldt@redhat.com/jbds/4.0/updates/ which would contain the composite metadata pointing at the real location of the site.
This is as secure as having a public registration form to get the username/password, in that it could be just as easily blogged/shared and therefore circumvented.
Password has been removed from http://devstudio.jboss.com/updates/4.0/
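The zip-pointer workaround described above, as an added example that is not code from the original comment or from the JBDS project: it generates an unguessable folder name and packs p2 composite metadata pointing at it into a zip. The base URL `updates.example.invalid`, the function names and the assumption that the zip holds only `compositeContent.xml` and `compositeArtifacts.xml` are illustrative. As the comment notes, anyone holding the zip holds the URL, so this gives obscurity, not access control.

```python
import io
import secrets
import time
import zipfile
from xml.sax.saxutils import quoteattr

# File name -> (processing-instruction name, p2 composite repository type).
KINDS = {
    "compositeContent.xml": (
        "compositeMetadataRepository",
        "org.eclipse.equinox.internal.p2.metadata.repository.CompositeMetadataRepository"),
    "compositeArtifacts.xml": (
        "compositeArtifactRepository",
        "org.eclipse.equinox.internal.p2.artifact.repository.CompositeArtifactRepository"),
}

def new_site_url(base, version):
    """Return base/<version>-<token>/ with a 256-bit CSPRNG token (hypothetical layout)."""
    token = secrets.token_urlsafe(32)  # 43 URL-safe characters
    return f"{base.rstrip('/')}/{version}-{token}/"

def composite_xml(pi, repo_type, name, child_url, timestamp_ms):
    """Render one composite repository file with a single child location."""
    return (
        "<?xml version='1.0' encoding='UTF-8'?>\n"
        f"<?{pi} version='1.0.0'?>\n"
        f"<repository name={quoteattr(name)} type='{repo_type}' version='1.0.0'>\n"
        "  <properties size='1'>\n"
        f"    <property name='p2.timestamp' value='{timestamp_ms}'/>\n"
        "  </properties>\n"
        "  <children size='1'>\n"
        f"    <child location={quoteattr(child_url)}/>\n"  # attribute-escaped URL
        "  </children>\n"
        "</repository>\n")

def build_pointer_zip(name, child_url, timestamp_ms=None):
    """Return zip bytes holding both composite files that point at child_url."""
    ts = int(time.time() * 1000) if timestamp_ms is None else timestamp_ms
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for filename, (pi, repo_type) in KINDS.items():
            zf.writestr(filename, composite_xml(pi, repo_type, name, child_url, ts))
    return buf.getvalue()

if __name__ == "__main__":
    url = new_site_url("https://updates.example.invalid/updates", "4.0")  # constructed base
    with open("update-site-pointer.zip", "wb") as fh:
        fh.write(build_pointer_zip("Update site pointer", url))
    print("publish the real site at:", url)
```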