Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-17103

Apply credentials also to separate server used from svn:externals

      See stackoverflow question and user for details including workaround.

          [JENKINS-17103] Apply credentials also to separate server used from svn:externals

          Chris Z added a comment -

          It will be quite nice feature to have.

          Chris Z added a comment - It will be quite nice feature to have.

          Jesse Glick added a comment -

          I think this kind of thing is handled better in the new refactoring branch.

          Jesse Glick added a comment - I think this kind of thing is handled better in the new refactoring branch.

          the 2.0 refactoring allows adding additional credentials which will be tried in turn for the svn:externals

          Stephen Connolly added a comment - the 2.0 refactoring allows adding additional credentials which will be tried in turn for the svn:externals

          Nice feature.

          The only issue I (and some others) have with this is - you must specify additional credentials now for all your external projects, even if they are on the same server.
          see JENKINS-21785
          maybe you could use the additional credentials only if the already provided credentials for the repository fail. Otherwise the workaround makes it a necessity to edit a lot of jobs.

          michael soukup added a comment - Nice feature. The only issue I (and some others) have with this is - you must specify additional credentials now for all your external projects , even if they are on the same server . see JENKINS-21785 maybe you could use the additional credentials only if the already provided credentials for the repository fail. Otherwise the workaround makes it a necessity to edit a lot of jobs.

          This is a necessary security fix to resolve a vulnerability whereby commit access to one portion of a subversion repository can be used to hijack Jenkins' credentials (which are typically global read) to gain read access to the rest of the repository. A valid enhancement request would be a checkbox to allow opting in to using the module credentials on matching externals

          Stephen Connolly added a comment - This is a necessary security fix to resolve a vulnerability whereby commit access to one portion of a subversion repository can be used to hijack Jenkins' credentials (which are typically global read) to gain read access to the rest of the repository. A valid enhancement request would be a checkbox to allow opting in to using the module credentials on matching externals

          David Aldrich added a comment -

          Hi Stephen,

          A valid enhancement request would be a checkbox to allow opting in to using the module credentials on matching externals

          Your suggested enhancement request sounds good to me. Can we treat this JIRA as that request, or is there another, or does one need to be created?
          BR
          David

          David Aldrich added a comment - Hi Stephen, A valid enhancement request would be a checkbox to allow opting in to using the module credentials on matching externals Your suggested enhancement request sounds good to me. Can we treat this JIRA as that request, or is there another, or does one need to be created? BR David

          Daniel Beck added a comment -

          stephenconnolly That looks a lot like what I'm suggesting here – or how'd you determine what "matching externals" are?

          Daniel Beck added a comment - stephenconnolly That looks a lot like what I'm suggesting here – or how'd you determine what "matching externals" are?

            Unassigned Unassigned
            jglick Jesse Glick
            Votes:
            6 Vote for this issue
            Watchers:
            15 Start watching this issue

              Created:
              Updated: