Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-38257

Feature to define non-actual user

    XMLWordPrintable

Details

    • New Feature
    • Resolution: Unresolved
    • Critical
    • core
    • None

    Description

      Authorize-project plugin has difficulties for its usage as it requires actual users to run builds as.
      It can easily conflicts with policies of administrators:

      • Administrators might don't want to use an actual user for managing authorizations of builds.
        • E.g. Alice and Bob belongs to a DevOps team. They want to run a project with the authorization of DevOps, but not of Alice or Bob. Because it might cause problems when they quit the job.
        • This can be resolved by defining a non-actual user used only to manage authorizations of builds.
      • Administrator doesn't want to define or can't define non-actual users.
        • It can be the case especialy when they use an external authentication system (such as Active Directory).

      This can be resolved by introducing a feature to define non-actual users, just like build-in users such as ANONYMOUS and SYSTEM.

      • They cannot be used to login Jenkins. (They don't have passwords)
      • They have permissions. That is, AuthorizationStrategy should handle them as they handle actual users.

      It might be a feature of authorize-project plugin, Jenkins core, or maybe a brand-new plugin.

      Attachments

        Issue Links

          duplicates

          New Feature - A new feature of the product, which has yet to be developed. JENKINS-15063 support for multiple security realms with failover

          • Major - Major loss of function.
          • Open
          relates to

          New Feature - A new feature of the product, which has yet to be developed. JENKINS-32596 ACLDecorator

          • Major - Major loss of function.
          • Open

          New Feature - A new feature of the product, which has yet to be developed. JENKINS-33793 Anonymous GET endpoint for input step approval

          • Major - Major loss of function.
          • Open

          Task - A task that needs to be done. JENKINS-50249 disable "build by token" by default using a system property in Jenkins

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Activity

            People

              Unassigned Unassigned
              ikedam ikedam
              Votes:
              2 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated: