Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-11944

Matrix security prevents API access

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Not A Defect
    • Component/s: _unsorted
    • Labels:
    • Environment:
      Jenkins 1.441, Ubuntu 10.10, default package installation. (Also have the same issue on a CentOS server running 1.430.) I don't know if the OS makes a difference though.
    • Similar Issues:

      Description

      When I try to get /api/xml from my python script (or via Firefox by typing http://username:password@localhost:8080/api/xml), I get a 403 when I have matrix security enabled, even when the user I'm trying to authenticate has full access to the system. I've tried authenticating with both the regular password and the api token with no success. I've confirmed the python is "pre-emptively" sending the username and password.

      Python code (project name is "Hello"):

      import urllib2

      xml_url = "http://localhost:8080/api/xml?xpath=/hudson/job[name='Hello']/color"

      password_mgr = urllib2.HTTPPasswordMgrWithDefaultRealm()
      password_mgr.add_password(None, "http://localhost:8080", "user", "96f9...apitoken....23");

      handler = urllib2.HTTPBasicAuthHandler(password_mgr)

      opener = urllib2.build_opener(handler)

      try:
      response = opener.open(xml_url)
      xml = response.read()

      if xml.find("blue"):
      print "working"
      else:
      print "broken"
      except urllib2.HTTPError:
      print "kaboom"

        Attachments

          Activity

          ifland Orion Ifland created issue -
          ifland Orion Ifland made changes -
          Field Original Value New Value
          Assignee Orion Ifland [ ifland ]
          ifland Orion Ifland made changes -
          Resolution Not A Defect [ 7 ]
          Status Open [ 1 ] Resolved [ 5 ]
          rtyler R. Tyler Croy made changes -
          Workflow JNJira [ 142216 ] JNJira + In-Review [ 190023 ]
          ircbot Jenkins IRC Bot made changes -
          Component/s _unsorted [ 19622 ]
          Component/s security [ 15508 ]

            People

            Assignee:
            ifland Orion Ifland
            Reporter:
            ifland Orion Ifland
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: