Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-11753

Enable OpenID Plugin behind proxy

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Component/s: openid-plugin
    • Labels:
      None
    • Environment:
      Ubuntu 10.4 LTS
    • Similar Issues:

      Description

      The OpenId plugin does not seem to work bvehind a proxy. I have configured the proxy in the jenkins plugin settings (jenkins can now download plugins via proxy), added JAVA_ARGS="-Dhttp.proxyHost=proxy1 -Dhttp.proxyPort=3128" to /etc/defaults/jenkins (and verified via ps -Af | grep jenkins, exported $http_proxy from /etc/profile, but nothing seems to work.
      I have found the following hint: http://code.google.com/p/openid4java/wiki/ConsumerForwardProxy - but in the plugin source code there is no such configuration before the instantiation of the ConsumerManager (see OpenIdLoginService.java, line 52). I don't know if there's some magic there already that makes this obsolete and works if used correctly, but unfortunately it does not work out of the box in my case. Id would be nice to have a mechanism that observes any of the standard configurations mentioned above (preferrably the one inside hudson, because this is the one that is most likely correct once the open id plugin is installed), or at least a setting for the proxy in the open id plugin itself.

        Attachments

          Issue Links

            Activity

            Hide
            remigius Remigius Stalder added a comment -

            see also the following gerrit issue:
            http://code.google.com/p/gerrit/issues/detail?id=105

            Show
            remigius Remigius Stalder added a comment - see also the following gerrit issue: http://code.google.com/p/gerrit/issues/detail?id=105
            Hide
            remigius Remigius Stalder added a comment -

            I have created modified versions of the classes OpenIdSsoSecurityRealm and OpenIdLoginService that solve the problem for me (see attachment).

            Show
            remigius Remigius Stalder added a comment - I have created modified versions of the classes OpenIdSsoSecurityRealm and OpenIdLoginService that solve the problem for me (see attachment).
            Hide
            remigius Remigius Stalder added a comment -

            patch to classes OpenIdSsoSecurityRealm and OpenIdLoginService

            Show
            remigius Remigius Stalder added a comment - patch to classes OpenIdSsoSecurityRealm and OpenIdLoginService
            Hide
            jgibson John Gibson added a comment -

            This feature was actually implemented back in October, 2012 (https://github.com/jenkinsci/openid-plugin/commit/ac328548bb7a83f40d1e3b4a7ce0ab799bfbf3be) and it mostly works. However, it doesn't respect the non-proxy hosts settings in Jenkins.

            Looking at hudson.plugins.openid.OpenIdSsoSecurityRealm#createManager() you can see that it doesn't use the noProxyHostPatterns property of the global Hudson.proxy variable. It should do so to avoid making proxy connections when they are not needed.

            Show
            jgibson John Gibson added a comment - This feature was actually implemented back in October, 2012 ( https://github.com/jenkinsci/openid-plugin/commit/ac328548bb7a83f40d1e3b4a7ce0ab799bfbf3be ) and it mostly works. However, it doesn't respect the non-proxy hosts settings in Jenkins. Looking at hudson.plugins.openid.OpenIdSsoSecurityRealm#createManager() you can see that it doesn't use the noProxyHostPatterns property of the global Hudson.proxy variable. It should do so to avoid making proxy connections when they are not needed.
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Justin Harringa
            Path:
            src/main/java/hudson/plugins/openid/GoogleAppSsoSecurityRealm.java
            src/main/java/hudson/plugins/openid/OpenIdSsoSecurityRealm.java
            src/test/java/hudson/plugins/openid/OpenIdSsoSecurityRealmTest.java
            http://jenkins-ci.org/commit/openid-plugin/ac607f380ce1945cf3d13bc389c1475b49696d8c
            Log:
            [FIXED JENKINS-22368] Discovery fails behind proxy

            This commit addresses the problem described in [FIXED JENKINS-22368] and
            may also correct JENKINS-11753. Proxy settings in openid4java's
            HttpClientFactory will now be initialized when calling the constructor of
            the OpenIdSsoSecurityRealm & GoogleAppSsoSecurityRealm classes in addition
            to the existing call in the commenceLogin process.

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Justin Harringa Path: src/main/java/hudson/plugins/openid/GoogleAppSsoSecurityRealm.java src/main/java/hudson/plugins/openid/OpenIdSsoSecurityRealm.java src/test/java/hudson/plugins/openid/OpenIdSsoSecurityRealmTest.java http://jenkins-ci.org/commit/openid-plugin/ac607f380ce1945cf3d13bc389c1475b49696d8c Log: [FIXED JENKINS-22368] Discovery fails behind proxy This commit addresses the problem described in [FIXED JENKINS-22368] and may also correct JENKINS-11753 . Proxy settings in openid4java's HttpClientFactory will now be initialized when calling the constructor of the OpenIdSsoSecurityRealm & GoogleAppSsoSecurityRealm classes in addition to the existing call in the commenceLogin process.

              People

              Assignee:
              kohsuke Kohsuke Kawaguchi
              Reporter:
              remigius Remigius Stalder
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated: