• Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • cli
    • None
    • Linux with the latest hudson 1.359

      java -jar hudson-cli.jar -s http://<Some URL> login --name <login name> --password <some passwd>
      "--name" is not a valid option
      java -jar hudson-cli.jar login args...

      Try different options, e.g., --username, etc same issue.
      What are the right option for java -jar hudson-cli.jar login?
      Perhaps expand what the login args ...are

      Thanks,

          [JENKINS-6628] hudson-cli.jar login does not work

          Alan Harder added a comment -

          What security type do you use? I've confirmed that LDAP doesn't support the username/password parameters, and have started working on fixing this. Do you use LDAP, or ?

          Alan Harder added a comment - What security type do you use? I've confirmed that LDAP doesn't support the username/password parameters, and have started working on fixing this. Do you use LDAP, or ?

          Code changed in hudson
          User: : mindless
          Path:
          trunk/hudson/main/core/src/main/java/hudson/security/LDAPSecurityRealm.java
          http://jenkins-ci.org/commit/33773
          Log:
          JENKINS-6628 change LDAPSecurityRealm to extend AbstractPasswordBasedAuthentication
          so it gets the createCliAuthenticator stuff, and CLI will accept --username, etc.
          In my tests this worked when passing credentials to run a command.
          Login seemed to work, but commands after that were still as anonymous,
          so something still missing.

          SCM/JIRA link daemon added a comment - Code changed in hudson User: : mindless Path: trunk/hudson/main/core/src/main/java/hudson/security/LDAPSecurityRealm.java http://jenkins-ci.org/commit/33773 Log: JENKINS-6628 change LDAPSecurityRealm to extend AbstractPasswordBasedAuthentication so it gets the createCliAuthenticator stuff, and CLI will accept --username, etc. In my tests this worked when passing credentials to run a command. Login seemed to work, but commands after that were still as anonymous, so something still missing.

          dogfood added a comment -

          Integrated in hudson_main_trunk #170
          JENKINS-6628 change LDAPSecurityRealm to extend AbstractPasswordBasedAuthentication
          so it gets the createCliAuthenticator stuff, and CLI will accept --username, etc.
          In my tests this worked when passing credentials to run a command.
          Login seemed to work, but commands after that were still as anonymous,
          so something still missing.

          mindless :
          Files :

          • /trunk/hudson/main/core/src/main/java/hudson/security/LDAPSecurityRealm.java

          dogfood added a comment - Integrated in hudson_main_trunk #170 JENKINS-6628 change LDAPSecurityRealm to extend AbstractPasswordBasedAuthentication so it gets the createCliAuthenticator stuff, and CLI will accept --username, etc. In my tests this worked when passing credentials to run a command. Login seemed to work, but commands after that were still as anonymous, so something still missing. mindless : Files : /trunk/hudson/main/core/src/main/java/hudson/security/LDAPSecurityRealm.java

          jpshackelford added a comment -

          We can confirm that Hudson ver. 1.371 with Crowd Authentication the login cli command doesn't specify what args it should take for username and password and the obvious ones don't work.

          jpshackelford added a comment - We can confirm that Hudson ver. 1.371 with Crowd Authentication the login cli command doesn't specify what args it should take for username and password and the obvious ones don't work.

          Alan Harder added a comment -

          jpshackelford, please file a new issue for the crowd plugin.. ask them to extend AbstractPasswordBasedSecurityRealm instead of directly from SecurityRealm to get the CLI authentication stuff.. thanks!

          Alan Harder added a comment - jpshackelford, please file a new issue for the crowd plugin.. ask them to extend AbstractPasswordBasedSecurityRealm instead of directly from SecurityRealm to get the CLI authentication stuff.. thanks!

          Code changed in hudson
          User: : mindless
          Path:
          trunk/hudson/main/core/src/main/java/hudson/cli/declarative/CLIRegisterer.java
          trunk/www/changelog.html
          http://jenkins-ci.org/commit/34178
          Log:
          [FIXED JENKINS-6628] There is some code duplication in main() methods between
          CLICommand and the anonymous CLICommand subclass in CLIRegisterer.. the latter
          was missing the loadStoredAuthentication call which enables CLI login command.
          CLI login now works for CLI commands defined via @CLIMethod annotation.

          SCM/JIRA link daemon added a comment - Code changed in hudson User: : mindless Path: trunk/hudson/main/core/src/main/java/hudson/cli/declarative/CLIRegisterer.java trunk/www/changelog.html http://jenkins-ci.org/commit/34178 Log: [FIXED JENKINS-6628] There is some code duplication in main() methods between CLICommand and the anonymous CLICommand subclass in CLIRegisterer.. the latter was missing the loadStoredAuthentication call which enables CLI login command. CLI login now works for CLI commands defined via @CLIMethod annotation.

          amargono added a comment -

          Thanks a lot!
          When is the target release for this fix?

          Regards,
          Allan M.

          amargono added a comment - Thanks a lot! When is the target release for this fix? Regards, Allan M. –

          Alan Harder added a comment -

          1.375, in one week.

          Alan Harder added a comment - 1.375, in one week.

          dogfood added a comment -

          Integrated in hudson_main_trunk #227
          [FIXED JENKINS-6628] There is some code duplication in main() methods between
          CLICommand and the anonymous CLICommand subclass in CLIRegisterer.. the latter
          was missing the loadStoredAuthentication call which enables CLI login command.
          CLI login now works for CLI commands defined via @CLIMethod annotation.

          mindless :
          Files :

          • /trunk/hudson/main/core/src/main/java/hudson/cli/declarative/CLIRegisterer.java
          • /trunk/www/changelog.html

          dogfood added a comment - Integrated in hudson_main_trunk #227 [FIXED JENKINS-6628] There is some code duplication in main() methods between CLICommand and the anonymous CLICommand subclass in CLIRegisterer.. the latter was missing the loadStoredAuthentication call which enables CLI login command. CLI login now works for CLI commands defined via @CLIMethod annotation. mindless : Files : /trunk/hudson/main/core/src/main/java/hudson/cli/declarative/CLIRegisterer.java /trunk/www/changelog.html

          andreyevbr added a comment -

          Oops, may I re-open this issue?

          "Working with Credentials" wasn't updated in http://wiki.jenkins-ci.org/display/JENKINS/Hudson+CLI , I tried a lot of options, read some code and still get "is not a valid option" when try to use auth in CLI.

          What is the right arguments to pass user and password to Hudson CLI?

          TIA!

          andreyevbr added a comment - Oops, may I re-open this issue? "Working with Credentials" wasn't updated in http://wiki.jenkins-ci.org/display/JENKINS/Hudson+CLI , I tried a lot of options, read some code and still get "is not a valid option" when try to use auth in CLI. What is the right arguments to pass user and password to Hudson CLI? TIA!

          Alan Harder added a comment -

          Not enough information provided to reopen. What authentication type do you use? If it's not "Hudson's own database" or LDAP, then please open a new issue for the authentication type that you use (as mentioned above for Crowd), asking that they extend AbstractPasswordBasedSecurityRealm instead of directly from SecurityRealm to get the CLI stuff.

          Alan Harder added a comment - Not enough information provided to reopen. What authentication type do you use? If it's not "Hudson's own database" or LDAP, then please open a new issue for the authentication type that you use (as mentioned above for Crowd), asking that they extend AbstractPasswordBasedSecurityRealm instead of directly from SecurityRealm to get the CLI stuff.

          Alan Harder added a comment -

          Wiki page updated.

          Alan Harder added a comment - Wiki page updated.

          amargono added a comment -

          1. Unfortunately, I have upgraded to ver 1.378 and any user can run the cli without the proper credential. e.g, to put hudson in a prepare shutdown mode, etc.
          Hence this is a security issue.
          I use Active Directory for the user authentication.

          >java -jar hudson-cli.jar -s http://<valid server URL> quiet-down
          Any user can run the above cmd, even the anonymous user has a READ only access.
          The system was accepted the above cmd and put hudson in the prepare shutdown mode without proper authentication. Since it failed anyway, see item#3 below.

          2. The cli has only has a limited option now? not even login/logout option?

          java -jar hudson-cli.jar -s http://<valid server URL> help
          build
          Builds a job, and optionally waits until its completion.
          cancel-quiet-down
          Cancel the effect of the "quiet-down" command.
          clear-queue
          Clears the build queue
          connect-node
          Reconnect to a node
          copy-job
          Copies a job
          create-job
          Creates a new job by reading stdin as a configuration XML file
          delete-builds
          Deletes build record(s)
          delete-job
          Deletes a job

          3. the login cli does not prompt what are the correct arguments, e.g
          java -jar hudson-cli.jar -s http://<valid server URL> login --username <valid user> --password <valid passwd>
          --username" is not a valid option
          java -jar hudson-cli.jar login args...

          ***what will be the valid login args ...?????*****

          Thanks and Regards,
          amargono

          amargono added a comment - 1. Unfortunately, I have upgraded to ver 1.378 and any user can run the cli without the proper credential. e.g, to put hudson in a prepare shutdown mode, etc. Hence this is a security issue. I use Active Directory for the user authentication. >java -jar hudson-cli.jar -s http://<valid server URL> quiet-down Any user can run the above cmd, even the anonymous user has a READ only access. The system was accepted the above cmd and put hudson in the prepare shutdown mode without proper authentication. Since it failed anyway, see item#3 below. 2. The cli has only has a limited option now? not even login/logout option? java -jar hudson-cli.jar -s http://<valid server URL> help build Builds a job, and optionally waits until its completion. cancel-quiet-down Cancel the effect of the "quiet-down" command. clear-queue Clears the build queue connect-node Reconnect to a node copy-job Copies a job create-job Creates a new job by reading stdin as a configuration XML file delete-builds Deletes build record(s) delete-job Deletes a job 3. the login cli does not prompt what are the correct arguments, e.g java -jar hudson-cli.jar -s http://<valid server URL> login --username <valid user> --password <valid passwd> --username" is not a valid option java -jar hudson-cli.jar login args... *** what will be the valid login args ...????? ***** Thanks and Regards, amargono

          Alan Harder added a comment -

          See my first comment from 3-Sep.. please file a new issue as described to get login/logout support with ActiveDirectory auth type.
          As for commands working without authentication, this issue is not about that.. please open another new issue for that, thanks.

          Alan Harder added a comment - See my first comment from 3-Sep.. please file a new issue as described to get login/logout support with ActiveDirectory auth type. As for commands working without authentication, this issue is not about that.. please open another new issue for that, thanks.

          deepus2000 added a comment -

          Its not working with the latest hudson version 1.384.

          deepus2000 added a comment - Its not working with the latest hudson version 1.384.

          Alan Harder added a comment -

          deepus2000, please be more specific.. what exactly did you try, env details, etc..

          Alan Harder added a comment - deepus2000, please be more specific.. what exactly did you try, env details, etc..

          lynn_lin added a comment -

          I saw this issue
          I use Active Directory security type,my hudson version is 1.387

          > java -jar hudson-cli.jar -s http://myserver:8080 login --username lynn --password 1234

          it tell me --username is not a vaild option

          Do we support Active Directory now?

          lynn_lin added a comment - I saw this issue I use Active Directory security type,my hudson version is 1.387 > java -jar hudson-cli.jar -s http://myserver:8080 login --username lynn --password 1234 it tell me --username is not a vaild option Do we support Active Directory now?

          Alan Harder added a comment -

          lynn_lin, please see my comments from 3-Sep and 1-Oct.

          Alan Harder added a comment - lynn_lin, please see my comments from 3-Sep and 1-Oct.

          lynn_lin added a comment -

          lynn_lin added a comment - mindless:8279 http://issues.jenkins-ci.org/browse/JENKINS-8279

            mindless Alan Harder
            amargono amargono
            Votes:
            1 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: