-
Type:
Improvement
-
Resolution: Fixed
-
Priority:
Major
-
Component/s: remoting
-
Environment:Platform: All, OS: All
Currently slaves do not authenticate to a hudson master, so in order to set up a master/slave build
cluster, the anonymous user must be granted at least "read" access to Hudson so that the slaves can
connect to the master. If anonymous has no permissions, then the slaves are unable to connect at all –
the master shows them as being offline, and on the slave, a 403 permission denied error is shown when
running the JNLP launcher.
For a public-facing hudson, this is a large security risk, as it means opening up the site to anonymous
users for read access simply so that the build slaves can run their jobs. It would be ideal if there was
some way to have the slaves authenticate as a certain user to the master – perhaps the authentication
information could be specified in the slave's configuration XML file?
- duplicates
-
JENKINS-4071 jnlp slaves doesn't support HTTP Auth
-
- Closed
-
- is duplicated by
-
JENKINS-3734 Can't launch Windows slave via JNLP when Hudson authentication enabled
-
- Resolved
-
-
-
- Closed
-
