Dear all,
I have configured Hudson 1.223 on Tomcat 6 as my servlet container and enable
security through it. I have configured Access Control as follow
For Security Realm, I select "Delegate to Servlet Container"
For Authorization, I select "Matrix-based Security"
I have added some users with different permission which some don't have
Administer and some do (These users have been granted admin privileges on Tomcat).
Here is the defect
If I login as the user with Administer privileges and configure the job, all
configure fields are looking fine.
If I login as the user which don't have Administer privileges, the following
configure fields (JDK, Subversion Repository browser, Collabnet Repository URL,
Poll SCM) show a small page under it with Access denied error. However, I still
can modify these fields and save it without any issues.
It is good to show an error that the user don't have permission to modify the
field, but the field should be gray-out if the users don't have permission to
change it.
Regards,
Hai