Blocker Please upgrade Acegi Security to the latest Spring Security release. Acegi Security it's old and deprecated.
- blocks
-
JENKINS-54015 ldap authentication problem
-
- Open
-
- is blocked by
-
JENKINS-41827 JenkinsRule mode to use realistic class loading
-
- Resolved
-
- is blocking
-
-
- Closed
-
-
JENKINS-14520 LDAP Plugin should support StartTLS extension
-
- In Progress
-
-
-
- Resolved
-
- relates to
-
-
- Open
-
-
JENKINS-49555 Split most of Spring Framework out of core
-
- Resolved
-
- links to
[JENKINS-5303] Upgrade Acegi Security to the latest Spring Security release
Given a lot of it is just repackaging
If it's mostly classes/packages being renamed, could https://github.com/jenkinsci/bytecode-compatibility-transformer/ do the trick then?
A challenge we have is the long tail of lesser used, not well maintained plugins. If we can make old plugin releases continue to work with new versions of core for relatively low effort, that would be beneficial.
Especially in a space where failure of the plugin would make login etc. impossible.
Rob Winch
added a comment - Thanks for the response and thoughts. It might make sense to use bytecode-compatability-transformer since there are probably plugins that we don't know about. I'm not very familiar with this project. Is it something you would be able to take on?
Rob Winch
added a comment - Thanks for the response and thoughts. It might make sense to use bytecode-compatability-transformer since there are probably plugins that we don't know about. I'm not very familiar with this project. Is it something you would be able to take on? 
runze xia
added a comment - runze xia
added a comment - http://forum.spring.io/forum/spring-projects/data/ldap/96508-ldap-authentication-intermittent-socket-closed-error Update for 2020 status.
PR for the usage-in-plugin custom search used: https://github.com/jenkins-infra/usage-in-plugins/pull/15
Report attached to this ticket: usage-by-api_2020-07-11.html
Important missing points: the classes used in XxxSecurityRealm.groovy used for building the beans.
Rob Winch
added a comment - Thanks jglick Please let me know if I can be of any assistance. rwinch thanks for the offer! I think I am past the stage where I struggled to find Spring Security 5 equivalents to various Acegi Security idioms that could not be resolved by a simple fix of imports (could not find a clear Rosetta stone except for the 3 → 4 migration). If you can spare any time, by all means skim over the running changes to Jenkins core and comment if you notice any clear abuses of the API. The work going forward will be dealing with compatibility from plugins. There is a draft overview of the effort for background.
rwinch actually, you could be of assistance if you have any time to spare: I have been struggling in https://github.com/jenkinsci/ldap-plugin/pull/49 to find the Spring Security equivalents of a number of Acegi Security API calls relating to LDAP, not made any easier by the fact that I know little about LDAP itself.
I have filed a JEP draft for this whole effort.
That's quite a bit more APIs that I expected. Given a lot of it is just repackaging.... I'm wondering if we can automate pull requests to Spring Security using https://github.com/Netflix-Skunkworks/rewrite Would this be an option you would consider?