Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-6628

hudson-cli.jar login does not work

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Major
    • Resolution: Fixed
    • cli
    • None
    • Linux with the latest hudson 1.359

    Description

      java -jar hudson-cli.jar -s http://<Some URL> login --name <login name> --password <some passwd>
      "--name" is not a valid option
      java -jar hudson-cli.jar login args...

      Try different options, e.g., --username, etc same issue.
      What are the right option for java -jar hudson-cli.jar login?
      Perhaps expand what the login args ...are

      Thanks,

      Attachments

        Issue Links

          Activity

            mindless Alan Harder added a comment -

            What security type do you use? I've confirmed that LDAP doesn't support the username/password parameters, and have started working on fixing this. Do you use LDAP, or ?

            mindless Alan Harder added a comment - What security type do you use? I've confirmed that LDAP doesn't support the username/password parameters, and have started working on fixing this. Do you use LDAP, or ?

            Code changed in hudson
            User: : mindless
            Path:
            trunk/hudson/main/core/src/main/java/hudson/security/LDAPSecurityRealm.java
            http://jenkins-ci.org/commit/33773
            Log:
            JENKINS-6628 change LDAPSecurityRealm to extend AbstractPasswordBasedAuthentication
            so it gets the createCliAuthenticator stuff, and CLI will accept --username, etc.
            In my tests this worked when passing credentials to run a command.
            Login seemed to work, but commands after that were still as anonymous,
            so something still missing.

            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in hudson User: : mindless Path: trunk/hudson/main/core/src/main/java/hudson/security/LDAPSecurityRealm.java http://jenkins-ci.org/commit/33773 Log: JENKINS-6628 change LDAPSecurityRealm to extend AbstractPasswordBasedAuthentication so it gets the createCliAuthenticator stuff, and CLI will accept --username, etc. In my tests this worked when passing credentials to run a command. Login seemed to work, but commands after that were still as anonymous, so something still missing.
            dogfood dogfood added a comment -

            Integrated in hudson_main_trunk #170
            JENKINS-6628 change LDAPSecurityRealm to extend AbstractPasswordBasedAuthentication
            so it gets the createCliAuthenticator stuff, and CLI will accept --username, etc.
            In my tests this worked when passing credentials to run a command.
            Login seemed to work, but commands after that were still as anonymous,
            so something still missing.

            mindless :
            Files :

            • /trunk/hudson/main/core/src/main/java/hudson/security/LDAPSecurityRealm.java
            dogfood dogfood added a comment - Integrated in hudson_main_trunk #170 JENKINS-6628 change LDAPSecurityRealm to extend AbstractPasswordBasedAuthentication so it gets the createCliAuthenticator stuff, and CLI will accept --username, etc. In my tests this worked when passing credentials to run a command. Login seemed to work, but commands after that were still as anonymous, so something still missing. mindless : Files : /trunk/hudson/main/core/src/main/java/hudson/security/LDAPSecurityRealm.java
            jpshackelford jpshackelford added a comment -

            We can confirm that Hudson ver. 1.371 with Crowd Authentication the login cli command doesn't specify what args it should take for username and password and the obvious ones don't work.

            jpshackelford jpshackelford added a comment - We can confirm that Hudson ver. 1.371 with Crowd Authentication the login cli command doesn't specify what args it should take for username and password and the obvious ones don't work.
            mindless Alan Harder added a comment -

            jpshackelford, please file a new issue for the crowd plugin.. ask them to extend AbstractPasswordBasedSecurityRealm instead of directly from SecurityRealm to get the CLI authentication stuff.. thanks!

            mindless Alan Harder added a comment - jpshackelford, please file a new issue for the crowd plugin.. ask them to extend AbstractPasswordBasedSecurityRealm instead of directly from SecurityRealm to get the CLI authentication stuff.. thanks!

            Code changed in hudson
            User: : mindless
            Path:
            trunk/hudson/main/core/src/main/java/hudson/cli/declarative/CLIRegisterer.java
            trunk/www/changelog.html
            http://jenkins-ci.org/commit/34178
            Log:
            [FIXED JENKINS-6628] There is some code duplication in main() methods between
            CLICommand and the anonymous CLICommand subclass in CLIRegisterer.. the latter
            was missing the loadStoredAuthentication call which enables CLI login command.
            CLI login now works for CLI commands defined via @CLIMethod annotation.

            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in hudson User: : mindless Path: trunk/hudson/main/core/src/main/java/hudson/cli/declarative/CLIRegisterer.java trunk/www/changelog.html http://jenkins-ci.org/commit/34178 Log: [FIXED JENKINS-6628] There is some code duplication in main() methods between CLICommand and the anonymous CLICommand subclass in CLIRegisterer.. the latter was missing the loadStoredAuthentication call which enables CLI login command. CLI login now works for CLI commands defined via @CLIMethod annotation.
            amargono amargono added a comment -

            Thanks a lot!
            When is the target release for this fix?

            Regards,
            Allan M.

            amargono amargono added a comment - Thanks a lot! When is the target release for this fix? Regards, Allan M. –
            mindless Alan Harder added a comment -

            1.375, in one week.

            mindless Alan Harder added a comment - 1.375, in one week.
            dogfood dogfood added a comment -

            Integrated in hudson_main_trunk #227
            [FIXED JENKINS-6628] There is some code duplication in main() methods between
            CLICommand and the anonymous CLICommand subclass in CLIRegisterer.. the latter
            was missing the loadStoredAuthentication call which enables CLI login command.
            CLI login now works for CLI commands defined via @CLIMethod annotation.

            mindless :
            Files :

            • /trunk/hudson/main/core/src/main/java/hudson/cli/declarative/CLIRegisterer.java
            • /trunk/www/changelog.html
            dogfood dogfood added a comment - Integrated in hudson_main_trunk #227 [FIXED JENKINS-6628] There is some code duplication in main() methods between CLICommand and the anonymous CLICommand subclass in CLIRegisterer.. the latter was missing the loadStoredAuthentication call which enables CLI login command. CLI login now works for CLI commands defined via @CLIMethod annotation. mindless : Files : /trunk/hudson/main/core/src/main/java/hudson/cli/declarative/CLIRegisterer.java /trunk/www/changelog.html
            andreyevbr andreyevbr added a comment -

            Oops, may I re-open this issue?

            "Working with Credentials" wasn't updated in http://wiki.jenkins-ci.org/display/JENKINS/Hudson+CLI , I tried a lot of options, read some code and still get "is not a valid option" when try to use auth in CLI.

            What is the right arguments to pass user and password to Hudson CLI?

            TIA!

            andreyevbr andreyevbr added a comment - Oops, may I re-open this issue? "Working with Credentials" wasn't updated in http://wiki.jenkins-ci.org/display/JENKINS/Hudson+CLI , I tried a lot of options, read some code and still get "is not a valid option" when try to use auth in CLI. What is the right arguments to pass user and password to Hudson CLI? TIA!
            mindless Alan Harder added a comment -

            Not enough information provided to reopen. What authentication type do you use? If it's not "Hudson's own database" or LDAP, then please open a new issue for the authentication type that you use (as mentioned above for Crowd), asking that they extend AbstractPasswordBasedSecurityRealm instead of directly from SecurityRealm to get the CLI stuff.

            mindless Alan Harder added a comment - Not enough information provided to reopen. What authentication type do you use? If it's not "Hudson's own database" or LDAP, then please open a new issue for the authentication type that you use (as mentioned above for Crowd), asking that they extend AbstractPasswordBasedSecurityRealm instead of directly from SecurityRealm to get the CLI stuff.
            mindless Alan Harder added a comment -

            Wiki page updated.

            mindless Alan Harder added a comment - Wiki page updated.
            amargono amargono added a comment -

            1. Unfortunately, I have upgraded to ver 1.378 and any user can run the cli without the proper credential. e.g, to put hudson in a prepare shutdown mode, etc.
            Hence this is a security issue.
            I use Active Directory for the user authentication.

            >java -jar hudson-cli.jar -s http://<valid server URL> quiet-down
            Any user can run the above cmd, even the anonymous user has a READ only access.
            The system was accepted the above cmd and put hudson in the prepare shutdown mode without proper authentication. Since it failed anyway, see item#3 below.

            2. The cli has only has a limited option now? not even login/logout option?

            java -jar hudson-cli.jar -s http://<valid server URL> help
            build
            Builds a job, and optionally waits until its completion.
            cancel-quiet-down
            Cancel the effect of the "quiet-down" command.
            clear-queue
            Clears the build queue
            connect-node
            Reconnect to a node
            copy-job
            Copies a job
            create-job
            Creates a new job by reading stdin as a configuration XML file
            delete-builds
            Deletes build record(s)
            delete-job
            Deletes a job

            3. the login cli does not prompt what are the correct arguments, e.g
            java -jar hudson-cli.jar -s http://<valid server URL> login --username <valid user> --password <valid passwd>
            --username" is not a valid option
            java -jar hudson-cli.jar login args...

            ***what will be the valid login args ...?????*****

            Thanks and Regards,
            amargono

            amargono amargono added a comment - 1. Unfortunately, I have upgraded to ver 1.378 and any user can run the cli without the proper credential. e.g, to put hudson in a prepare shutdown mode, etc. Hence this is a security issue. I use Active Directory for the user authentication. >java -jar hudson-cli.jar -s http://<valid server URL> quiet-down Any user can run the above cmd, even the anonymous user has a READ only access. The system was accepted the above cmd and put hudson in the prepare shutdown mode without proper authentication. Since it failed anyway, see item#3 below. 2. The cli has only has a limited option now? not even login/logout option? java -jar hudson-cli.jar -s http://<valid server URL> help build Builds a job, and optionally waits until its completion. cancel-quiet-down Cancel the effect of the "quiet-down" command. clear-queue Clears the build queue connect-node Reconnect to a node copy-job Copies a job create-job Creates a new job by reading stdin as a configuration XML file delete-builds Deletes build record(s) delete-job Deletes a job 3. the login cli does not prompt what are the correct arguments, e.g java -jar hudson-cli.jar -s http://<valid server URL> login --username <valid user> --password <valid passwd> --username" is not a valid option java -jar hudson-cli.jar login args... *** what will be the valid login args ...????? ***** Thanks and Regards, amargono
            mindless Alan Harder added a comment -

            See my first comment from 3-Sep.. please file a new issue as described to get login/logout support with ActiveDirectory auth type.
            As for commands working without authentication, this issue is not about that.. please open another new issue for that, thanks.

            mindless Alan Harder added a comment - See my first comment from 3-Sep.. please file a new issue as described to get login/logout support with ActiveDirectory auth type. As for commands working without authentication, this issue is not about that.. please open another new issue for that, thanks.
            deepus2000 deepus2000 added a comment -

            Its not working with the latest hudson version 1.384.

            deepus2000 deepus2000 added a comment - Its not working with the latest hudson version 1.384.
            mindless Alan Harder added a comment -

            deepus2000, please be more specific.. what exactly did you try, env details, etc..

            mindless Alan Harder added a comment - deepus2000, please be more specific.. what exactly did you try, env details, etc..
            lynn_lin lynn_lin added a comment -

            I saw this issue
            I use Active Directory security type,my hudson version is 1.387

            > java -jar hudson-cli.jar -s http://myserver:8080 login --username lynn --password 1234

            it tell me --username is not a vaild option

            Do we support Active Directory now?

            lynn_lin lynn_lin added a comment - I saw this issue I use Active Directory security type,my hudson version is 1.387 > java -jar hudson-cli.jar -s http://myserver:8080 login --username lynn --password 1234 it tell me --username is not a vaild option Do we support Active Directory now?
            mindless Alan Harder added a comment -

            lynn_lin, please see my comments from 3-Sep and 1-Oct.

            mindless Alan Harder added a comment - lynn_lin, please see my comments from 3-Sep and 1-Oct.
            lynn_lin lynn_lin added a comment - mindless:8279 http://issues.jenkins-ci.org/browse/JENKINS-8279

            People

              mindless Alan Harder
              amargono amargono
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: