-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
Linux, Chrome 43
Jenkins 1.606
LDAP plugin 1.11
With ldap plugin configured with no "manager DN" or password, visit configureSecurity with Chrome 43 that has Jenkins auth data remembered. Click "Advanced" on the LDAP settings and notice that Chrome has auto-filled the ldap "Manager DN" and "Manager Password" fields with the user's Jenkins login data.
If the LDAP server requires these to be empty, loading configureSecurity and clicking save/apply, which should be a no-op, will break the configuration and the user might not realize what's going on.
What most likely is going on is that Chrome is trying to be too helpful in detecting where a login / password field combination is. If I remove the stored Jenkins password from Chrome, it is not auto-filled, re-remembering it makes the problem return.
As much as this could be regarded as a Chrome problem, it would be useful if the plugin did not trigger this behavior, especially as it happens on a hidden field. Note that Chrome blissfully ignores autocomplete=off, so JENKINS-3586 is no longer helpful.
