Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-28440

Allow to reject specific configurations via REST and CLI

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Minor Minor
    • core
    • None
    • Jenkins >= 1.545

      Plugins could reject configurations via REST and CLI in Jenkins < 1.545 by throwing exceptions in readResolve.
      Authorize Project plugin performs authentications with this behavior.

      Jenkins 1.545 suppresses exceptions in readResolve in JENKINS-21024 (also backported to Jenkins 1.532.3).
      This results that throwing exceptions in readResolve prevents reading configurations into memories via REST / CLI but cannot prevents saving them to the disk.
      Authorize-project doesn't perform authentications when Jenkins reads configurations from the disk and allows bypassing authentications.

      Jenkins 1.551 introduced XStream2#addCriticalField in SECURITY-107 (also backported to Jenkins 1.532.2) which triggers critical errors by exceptions in readResolve but only applied to system configurations, not applied project configurations via REST / CLI. (Exceptions are suppressed in CopyOnWriteList)

      Jenkins should provides a way for plugins to reject configurations via REST / CLI.

          [JENKINS-28440] Allow to reject specific configurations via REST and CLI

          ikedam created issue -
          ikedam made changes -
          Link New: This issue is blocking JENKINS-28298 [ JENKINS-28298 ]
          ikedam made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Daniel Beck made changes -
          Link New: This issue is related to JENKINS-21024 [ JENKINS-21024 ]
          SCM/JIRA link daemon made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: In Progress [ 3 ] New: Resolved [ 5 ]
          R. Tyler Croy made changes -
          Workflow Original: JNJira [ 163280 ] New: JNJira + In-Review [ 197159 ]

            ikedam ikedam
            ikedam ikedam
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: