Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-2290

should not require anonymous read access

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Component/s: _unsorted
    • Labels:
      None
    • Environment:
      Platform: All, OS: All
    • Similar Issues:

      Description

      Changes in 1.249 break previous behavior that could prevent anonymous from read
      access. However, now the main page doesn't seem to be protected which doesn't
      force container-based authentication to kick-in. Instead, you're redirected to
      "/login?from=%2Fhudson%2F" regardless of webcontext. I install hudson under
      /hudson, so /login... gives me a 404.

      If I give anonymous read access, then I can see the main page and hit the login
      link.

      Previous behavior allowed me to not enable any access to anonymous in
      matrix-based security. When going to /hudson, container-based security would
      redirect to my login form correctly.

      See also:
      1. https://hudson.dev.java.net/issues/show_bug.cgi?id=2275
      2. https://hudson.dev.java.net/servlets/ReadMsg?list=users&msgNo=11994

        Attachments

          Issue Links

            Activity

            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in hudson
            User: : kohsuke
            Path:
            trunk/hudson/main/core/src/main/java/hudson/security/HudsonAuthenticationEntryPoint.java
            trunk/hudson/main/test/src/test/java/hudson/bugs/LoginRedirectTest.java
            trunk/hudson/main/war/pom.xml
            trunk/www/changelog.html
            http://fisheye4.cenqua.com/changelog/hudson/?cs=11875
            Log:
            [FIXED JENKINS-2290] On security-enabled Hudson, redirection for a login didn't work correctly since 1.249.

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in hudson User: : kohsuke Path: trunk/hudson/main/core/src/main/java/hudson/security/HudsonAuthenticationEntryPoint.java trunk/hudson/main/test/src/test/java/hudson/bugs/LoginRedirectTest.java trunk/hudson/main/war/pom.xml trunk/www/changelog.html http://fisheye4.cenqua.com/changelog/hudson/?cs=11875 Log: [FIXED JENKINS-2290] On security-enabled Hudson, redirection for a login didn't work correctly since 1.249.
            Hide
            sogabe sogabe added a comment -

            Test failed.

            -------------------------------------------------------------------------------
            Test set: hudson.bugs.LoginRedirectTest
            -------------------------------------------------------------------------------
            Tests run: 2, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 2.191 sec <<<
            FAILURE!
            testRedirect(hudson.bugs.LoginRedirectTest) Time elapsed: 1.077 sec <<< ERROR!
            java.lang.UnsupportedOperationException: HtmlPage.getDocumentURI is not yet
            implemented.
            at com.gargoylesoftware.htmlunit.html.HtmlPage.getDocumentURI(HtmlPage.java:335)
            at hudson.bugs.LoginRedirectTest.testRedirect(LoginRedirectTest.java:30)

            Show
            sogabe sogabe added a comment - Test failed. ------------------------------------------------------------------------------- Test set: hudson.bugs.LoginRedirectTest ------------------------------------------------------------------------------- Tests run: 2, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 2.191 sec <<< FAILURE! testRedirect(hudson.bugs.LoginRedirectTest) Time elapsed: 1.077 sec <<< ERROR! java.lang.UnsupportedOperationException: HtmlPage.getDocumentURI is not yet implemented. at com.gargoylesoftware.htmlunit.html.HtmlPage.getDocumentURI(HtmlPage.java:335) at hudson.bugs.LoginRedirectTest.testRedirect(LoginRedirectTest.java:30)
            Hide
            kohsuke Kohsuke Kawaguchi added a comment -
                • Issue 2275 has been marked as a duplicate of this issue. ***
            Show
            kohsuke Kohsuke Kawaguchi added a comment - Issue 2275 has been marked as a duplicate of this issue. ***
            Hide
            mindless Alan Harder added a comment -

            I guess this was reopened just due to unit test failure? Closing again since
            test currently passes.

            Show
            mindless Alan Harder added a comment - I guess this was reopened just due to unit test failure? Closing again since test currently passes.

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              robdale robdale
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: