-
New Feature
-
Resolution: Fixed
-
Major
-
None
- Separate the authorization configuration from the project configuration. This allows Jenkins to decide the authorization of builds during configuring projects.
- When a plugin lists up credentials,
public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Job project) { Authentication auth = Tasks.getAuthenticationOf(project); return new StandardUsernameListBoxModel() .includeEmptyValue() .includeAs(auth, project, StandardUsernameCredentials.class); }
- Even if the authorization is changed after the project configuration is saved, it doesn't cause a security issue as the access to the credential is blocked at build time.
Issues:
- How to control permissions to configure jobs
- You don't want to allow other users configure jobs when you use "Run as Specific User".
- Should the configuration file be separated from config.xml?
- is related to
-
JENKINS-31870 Unable to use LDAP user credentials in build configuration
-
- Closed
-
-
JENKINS-13190 Add ACLPermissionOverride Extension Point to grant additional permissions to an ACL regardless of the AuthorizationStrategy being used
-
- Open
-
-
-
- Closed
-
-
-
- Closed
-
[JENKINS-35081] Separate authorization configuration page
ikedam
created issue -
ikedam
made changes -
| Link |
New:
This issue is related to |
| Link |
New:
This issue is related to |
| Description |
Original:
* Separate the authorization configuration from the project configuration. This allows Jenkins to decide the authorization of builds during configuring projects. * When a plugin lists up credentials, {code} public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Job project) { Authentication auth = Tasks.getAuthenticationOf(project); return new StandardUsernameListBoxModel().withEmptySelection().withAll( CredentialsProvider.lookupCredentials(StandardUsernameCredentials.class, auth); } {code} * Even if the authorization is changed after the project configuration is saved, it doesn't cause a security issue as the access to the credential is blocked at build time. Issues: * How to control permissions to configure jobs ** You don't want to allow other users configure jobs when you use "Run as Specific User". * Should the configuration file be separated ftom config.xml? |
New:
* Separate the authorization configuration from the project configuration. This allows Jenkins to decide the authorization of builds during configuring projects. * When a plugin lists up credentials, {code} public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Job project) { Authentication auth = Tasks.getAuthenticationOf(project); return new StandardUsernameListBoxModel() .includeEmptyValue() .includeAs(auth, project, StandardUsernameCredentials.class); } {code} * Even if the authorization is changed after the project configuration is saved, it doesn't cause a security issue as the access to the credential is blocked at build time. Issues: * How to control permissions to configure jobs ** You don't want to allow other users configure jobs when you use "Run as Specific User". * Should the configuration file be separated ftom config.xml? |
ikedam
made changes -
| Link | New: This issue is blocked by JENKINS-13190 [ JENKINS-13190 ] |
| Workflow | Original: JNJira [ 171295 ] | New: JNJira + In-Review [ 184247 ] |
ikedam
made changes -
| Link | Original: This issue is blocked by JENKINS-13190 [ JENKINS-13190 ] |
ikedam
made changes -
| Link | New: This issue is related to JENKINS-13190 [ JENKINS-13190 ] |
ikedam
made changes -
| Epic Link |
New:
|
| Assignee | New: Stephen Connolly [ stephenconnolly ] |
ikedam
made changes -
| Link |
New:
This issue is related to |