Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-8815

you cannot use the cli without giving Overall read to Anonymous

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • cli

      I don't know that this is a bug or a feature, but I've noticed, that one cannot authenticate with a valid account through cli without giving Overall read permission for the Anonymous account.
      I'm using LDAP security, and if I remove that right from Anonymous, I get the

      build:~# java -jar jenkins-cli.jar -s http://localhost:8080/ help --username tyrael --password-file pwd
      Exception in thread "main" java.io.IOException: Server returned HTTP response code: 403 for URL: http://localhost:8080/cli
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441)
      at hudson.cli.FullDuplexHttpStream.<init>(FullDuplexHttpStream.java:61)
      at hudson.cli.CLI.<init>(CLI.java:91)
      at hudson.cli.CLI.<init>(CLI.java:63)
      at hudson.cli.CLI.main(CLI.java:176)

      the same command works if I set the above mentioned right to the Anonymous account.

          [JENKINS-8815] you cannot use the cli without giving Overall read to Anonymous

          Ferenc Kovacs created issue -

          Good point. This is a bug.

          Kohsuke Kawaguchi added a comment - Good point. This is a bug.
          Kohsuke Kawaguchi made changes -
          Link New: This issue is duplicated by JENKINS-8814 [ JENKINS-8814 ]

          Ferenc Kovacs added a comment -

          changing the issue type to bug then.

          Ferenc Kovacs added a comment - changing the issue type to bug then.
          Ferenc Kovacs made changes -
          Issue Type Original: Improvement [ 4 ] New: Bug [ 1 ]

          vjuranek added a comment -

          seems to be fixed, tested with 1.448 and works fine

          vjuranek added a comment - seems to be fixed, tested with 1.448 and works fine
          vjuranek made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]

          Upon the code inspection as of fd6a2288f97240c54386657d7ae7d5fbbae2b4c2, I think this issue was never fixed. CLIAction neesd to be UnprotectedRootAction.

          Kohsuke Kawaguchi added a comment - Upon the code inspection as of fd6a2288f97240c54386657d7ae7d5fbbae2b4c2, I think this issue was never fixed. CLIAction neesd to be UnprotectedRootAction .
          Kohsuke Kawaguchi made changes -
          Assignee New: Steven Christou [ schristou ]
          Resolution Original: Fixed [ 1 ]
          Status Original: Resolved [ 5 ] New: Reopened [ 4 ]

          I talked with schrisou and he'll attempt a fix and a test case.

          Kohsuke Kawaguchi added a comment - I talked with schrisou and he'll attempt a fix and a test case.

            schristou Steven Christou
            tyrael Ferenc Kovacs
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: