Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-5303

Upgrade Acegi Security to the latest Spring Security release

    XMLWordPrintable

    Details

    • Similar Issues:
    • Released As:
      2.266

      Description

      Please upgrade Acegi Security to the latest Spring Security release. Acegi Security it's old and deprecated.

        Attachments

          Issue Links

          blocks

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-54015 ldap authentication problem

          • Critical - Crashes, loss of data, severe memory leak.
          • Open
          is blocked by

          New Feature - A new feature of the product, which has yet to be developed. JENKINS-41827 JenkinsRule mode to use realistic class loading

          • Critical - Crashes, loss of data, severe memory leak.
          • Open
          is blocking

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-17957 Crowd plugin - "remember me" doesn't work

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-14520 LDAP Plugin should support StartTLS extension

          • Major - Major loss of function.
          • In Progress

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-63350 SAML plugin upgrade pac4j to latest possible version

          • Major - Major loss of function.
          • In Progress
          relates to

          New Feature - A new feature of the product, which has yet to be developed. JENKINS-49651 Extend plugin/update center metadata with known incompatibilities

          • Major - Major loss of function.
          • Open

          Task - A task that needs to be done. JENKINS-49555 Split most of Spring Framework out of core

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link jenkins/pull/1404

          Web Link jep #295

            Activity

            Ascending order - Click to sort in descending order
            32 older comments
            Hide
            Permalink
            wfollonier Wadeck Follonier added a comment - - edited

            Update for 2020 status.
            PR for the usage-in-plugin custom search used: https://github.com/jenkins-infra/usage-in-plugins/pull/15

            Report attached to this ticket: usage-by-api_2020-07-11.html

            Important missing points: the classes used in XxxSecurityRealm.groovy used for building the beans.

            Show
            wfollonier Wadeck Follonier added a comment - - edited Update for 2020 status. PR for the usage-in-plugin custom search used: https://github.com/jenkins-infra/usage-in-plugins/pull/15 Report attached to this ticket: usage-by-api_2020-07-11.html Important missing points: the classes used in XxxSecurityRealm.groovy used for building the beans.
            Hide
            Permalink
            jglick Jesse Glick added a comment -

            I am investigating whether this effort is feasible.

            Show
            jglick Jesse Glick added a comment - I am investigating whether this effort is feasible.
            Hide
            Permalink
            rwinch Rob Winch added a comment -

            Thanks Jesse Glick Please let me know if I can be of any assistance.

            Show
            rwinch Rob Winch added a comment - Thanks Jesse Glick Please let me know if I can be of any assistance.
            Hide
            Permalink
            jglick Jesse Glick added a comment -

            Rob Winch thanks for the offer! I think I am past the stage where I struggled to find Spring Security 5 equivalents to various Acegi Security idioms that could not be resolved by a simple fix of imports (could not find a clear Rosetta stone except for the 3 → 4 migration). If you can spare any time, by all means skim over the running changes to Jenkins core and comment if you notice any clear abuses of the API. The work going forward will be dealing with compatibility from plugins. There is a draft overview of the effort for background.

            Show
            jglick Jesse Glick added a comment - Rob Winch thanks for the offer! I think I am past the stage where I struggled to find Spring Security 5 equivalents to various Acegi Security idioms that could not be resolved by a simple fix of imports (could not find a clear Rosetta stone except for the 3 → 4 migration ). If you can spare any time, by all means skim over the running changes to Jenkins core and comment if you notice any clear abuses of the API. The work going forward will be dealing with compatibility from plugins. There is a draft overview of the effort for background.
            Hide
            Permalink
            jglick Jesse Glick added a comment -

            Rob Winch actually, you could be of assistance if you have any time to spare: I have been struggling in https://github.com/jenkinsci/ldap-plugin/pull/49 to find the Spring Security equivalents of a number of Acegi Security API calls relating to LDAP, not made any easier by the fact that I know little about LDAP itself.

            I have filed a JEP draft for this whole effort.

            Show
            jglick Jesse Glick added a comment - Rob Winch actually, you could be of assistance if you have any time to spare: I have been struggling in https://github.com/jenkinsci/ldap-plugin/pull/49 to find the Spring Security equivalents of a number of Acegi Security API calls relating to LDAP, not made any easier by the fact that I know little about LDAP itself. I have filed a JEP draft for this whole effort.

              People

              Assignee:
              jglick Jesse Glick
              Reporter:
              nicusorb nicusorb
              Votes:
              22 Vote for this issue
              Watchers:
              21 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: