-
Improvement
-
Resolution: Fixed
-
Minor
-
None
Google Apps OpenID support is deprecated some time ago. As such, there's no value in GoogleAppSsoSecurityRealm for new users.
This code needs to be kept around for backward compatibility for those who are upgrading, but it is not desirable that this unusable option shows up in the UI for new users who install the OpenID plugin.
We should improve the display name to indicate that this security realm is deprecated, and have the help text updated to point to the new plugin.
Also, we should drop this extension for new users. One way to do this is to define readResolve() in GoogleAppSsoSecurityRealm, so that it creates $JENKINS_HOME/GoogleAppSsoSecurityRealm.flag marker file, to indicate that this installation ever used GoogleAppSsoSecurityRealm. Then in an initializer method, if this marker file is not present, drop its Descriptor from ExtensionList.
Code changed in jenkins
User: Kohsuke Kawaguchi
Path:
src/main/java/hudson/plugins/openid/GoogleAppSsoSecurityRealm.java
src/main/resources/hudson/plugins/openid/GoogleAppSsoSecurityRealm/config.jelly
src/main/resources/hudson/plugins/openid/GoogleAppSsoSecurityRealm/help-domain.html
src/main/resources/hudson/plugins/openid/GoogleAppSsoSecurityRealm/help.html
http://jenkins-ci.org/commit/openid-plugin/f0bd68c577d0dc4f1f9a634dd61ff84390386c2a
Log:
[FIXED JENKINS-28859] drop Google App SSO code
I briefly thought about providing a nicer migration, but Jenkins
instances out there that are using this security realm is likely
crippled any way as no login is possible. It's difficult to imagine that
such an instance will experience a surprise data loss by upgrading their
OpenID plugin to the newest version.