Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-8815

you cannot use the cli without giving Overall read to Anonymous

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      I don't know that this is a bug or a feature, but I've noticed, that one cannot authenticate with a valid account through cli without giving Overall read permission for the Anonymous account.
      I'm using LDAP security, and if I remove that right from Anonymous, I get the

      build:~# java -jar jenkins-cli.jar -s http://localhost:8080/ help --username tyrael --password-file pwd
      Exception in thread "main" java.io.IOException: Server returned HTTP response code: 403 for URL: http://localhost:8080/cli
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441)
      at hudson.cli.FullDuplexHttpStream.<init>(FullDuplexHttpStream.java:61)
      at hudson.cli.CLI.<init>(CLI.java:91)
      at hudson.cli.CLI.<init>(CLI.java:63)
      at hudson.cli.CLI.main(CLI.java:176)

      the same command works if I set the above mentioned right to the Anonymous account.

        Attachments

          Issue Links

            Activity

            tyrael Ferenc Kovacs created issue -
            Hide
            kohsuke Kohsuke Kawaguchi added a comment -

            Good point. This is a bug.

            Show
            kohsuke Kohsuke Kawaguchi added a comment - Good point. This is a bug.
            kohsuke Kohsuke Kawaguchi made changes -
            Field Original Value New Value
            Link This issue is duplicated by JENKINS-8814 [ JENKINS-8814 ]
            Hide
            tyrael Ferenc Kovacs added a comment -

            changing the issue type to bug then.

            Show
            tyrael Ferenc Kovacs added a comment - changing the issue type to bug then.
            tyrael Ferenc Kovacs made changes -
            Issue Type Improvement [ 4 ] Bug [ 1 ]
            Hide
            vjuranek vjuranek added a comment -

            seems to be fixed, tested with 1.448 and works fine

            Show
            vjuranek vjuranek added a comment - seems to be fixed, tested with 1.448 and works fine
            vjuranek vjuranek made changes -
            Resolution Fixed [ 1 ]
            Status Open [ 1 ] Resolved [ 5 ]
            Hide
            kohsuke Kohsuke Kawaguchi added a comment -

            Upon the code inspection as of fd6a2288f97240c54386657d7ae7d5fbbae2b4c2, I think this issue was never fixed. CLIAction neesd to be UnprotectedRootAction.

            Show
            kohsuke Kohsuke Kawaguchi added a comment - Upon the code inspection as of fd6a2288f97240c54386657d7ae7d5fbbae2b4c2, I think this issue was never fixed. CLIAction neesd to be UnprotectedRootAction .
            kohsuke Kohsuke Kawaguchi made changes -
            Assignee Steven Christou [ schristou ]
            Resolution Fixed [ 1 ]
            Status Resolved [ 5 ] Reopened [ 4 ]
            Hide
            kohsuke Kohsuke Kawaguchi added a comment -

            I talked with schrisou and he'll attempt a fix and a test case.

            Show
            kohsuke Kohsuke Kawaguchi added a comment - I talked with schrisou and he'll attempt a fix and a test case.
            Hide
            schristou Steven Christou added a comment -

            I created pull request https://github.com/jenkinsci/jenkins/pull/1005 which should resolve this issue.

            Show
            schristou Steven Christou added a comment - I created pull request https://github.com/jenkinsci/jenkins/pull/1005 which should resolve this issue.
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: christ66
            Path:
            core/src/main/java/hudson/cli/CLIAction.java
            test/src/test/java/hudson/cli/CLIActionTest.java
            http://jenkins-ci.org/commit/jenkins/a2ff61010e1ee2c1521c94ad26cfe5252bf7aaef
            Log:
            [FIXED JENKINS-8815] Fixed issue where CLI required giving Overall read permission to anonymous.
            Added test unit.

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: christ66 Path: core/src/main/java/hudson/cli/CLIAction.java test/src/test/java/hudson/cli/CLIActionTest.java http://jenkins-ci.org/commit/jenkins/a2ff61010e1ee2c1521c94ad26cfe5252bf7aaef Log: [FIXED JENKINS-8815] Fixed issue where CLI required giving Overall read permission to anonymous. Added test unit.
            scm_issue_link SCM/JIRA link daemon made changes -
            Resolution Fixed [ 1 ]
            Status Reopened [ 4 ] Resolved [ 5 ]
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Oliver Gondža
            Path:
            core/src/main/java/hudson/cli/CLIAction.java
            test/src/test/java/hudson/cli/CLIActionTest.java
            http://jenkins-ci.org/commit/jenkins/a494868c47d103b7bb1457aaaeadf87a55bb48ba
            Log:
            Merge pull request #1005 from christ66/master

            [FIXED JENKINS-8815] Fixed issue where CLI required giving Overall read ...

            Conflicts:
            core/src/main/java/hudson/cli/CLIAction.java

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oliver Gondža Path: core/src/main/java/hudson/cli/CLIAction.java test/src/test/java/hudson/cli/CLIActionTest.java http://jenkins-ci.org/commit/jenkins/a494868c47d103b7bb1457aaaeadf87a55bb48ba Log: Merge pull request #1005 from christ66/master [FIXED JENKINS-8815] Fixed issue where CLI required giving Overall read ... Conflicts: core/src/main/java/hudson/cli/CLIAction.java
            Hide
            dogfood dogfood added a comment -

            Integrated in jenkins_main_trunk #3036

            Result = SUCCESS

            Show
            dogfood dogfood added a comment - Integrated in jenkins_main_trunk #3036 Result = SUCCESS
            schristou Steven Christou made changes -
            Labels lts-candidate
            olivergondza Oliver Gondža made changes -
            Labels lts-candidate 1.532.2-fixed
            jglick Jesse Glick made changes -
            Link This issue depends on SECURITY-192 [ SECURITY-192 ]
            rtyler R. Tyler Croy made changes -
            Workflow JNJira [ 138959 ] JNJira + In-Review [ 188251 ]

              People

              Assignee:
              schristou Steven Christou
              Reporter:
              tyrael Ferenc Kovacs
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: