- Mar 14, 2014
-
-
Jesse Glick authored
-
Jesse Glick authored
-
Kohsuke Kawaguchi authored
These tests weren't using a SecurityRealm that recognizes these user names
-
Kohsuke Kawaguchi authored
-
Jesse Glick authored
There seems to be no way to export this over the REST API without incurring serious performance penalties.
-
Jesse Glick authored
Fix terminology used in BuildTrigger conditions
-
Harald Albers authored
Added some missing German translations
-
Kohsuke Kawaguchi authored
-
Kohsuke Kawaguchi authored
-
phoenix384 authored
-
phoenix384 authored
-
Kohsuke Kawaguchi authored
-
- Mar 13, 2014
-
-
Kohsuke Kawaguchi authored
So far none of them are real regressions but just that I needed to update tets
-
Kohsuke Kawaguchi authored
Now that User.impersonate() actually checks if the user is valid, User.get("user").impersonate() is expected to fail. Use a DummySecurityRealm to make this user a valid user.
-
Jesse Glick authored
-
Kohsuke Kawaguchi authored
-
Kohsuke Kawaguchi authored
-
Kohsuke Kawaguchi authored
-
Kohsuke Kawaguchi authored
-
- Mar 12, 2014
-
-
Kohsuke Kawaguchi authored
-
Kohsuke Kawaguchi authored
-
Kohsuke Kawaguchi authored
-
Kohsuke Kawaguchi authored
See javadoc for discussion why this possibly redundant use is desirable
-
Kohsuke Kawaguchi authored
I think the cleanest place to do this is as a filter of UserDetailsService. The problem is that SecurityRealm defines loadUserByName method, which AbstractPasswordBasedSecurityRealm overrides
-
Kohsuke Kawaguchi authored
So ApiTokenFilter no longer needs to do that.
-
Kohsuke Kawaguchi authored
-
Kohsuke Kawaguchi authored
Jenkins now remembers the authorities (read group memberships) that the user had carried when he/she last time interactively logged in. This information is exposed via User.impersonate(), which is used when using Jenkins SSH, Jenkins CLI, or access via API tokens. Previously this was impossible for a subset of SecurityRealms that does not allow us to read group membership information without successful login (such as Active Directory, OpenID, etc.) For security reasons, if the backend determines that the user does not exist (as opposed to the backend who cannot tell if the user exists or not), then the impersonation will fail. I need to check AD plugin is reporting a failure correctly in this case, before marking as JENKINS-20064 fixed.
-
Kohsuke Kawaguchi authored
-
Kohsuke Kawaguchi authored
-
Steven Christou authored
Expose the computer runs and timestamp to api.
-
- Mar 11, 2014
-
-
CloudBees DEV@Cloud authored
-
Kohsuke Kawaguchi authored
An unexpected failure in processing remember me cookie should be handled gracefully. In particular, possibly problematic cookie should be removed, or else the browser will keep bombarding the server with the same cookie, and will never be able to get through. It's much better to just drop the cookie.
-
Kohsuke Kawaguchi authored
This reverts commit 816f9d02.
-
Jesse Glick authored
This reverts commit 816f9d02.
-
-
Jesse Glick authored
Ensure that resolveDependencyJar works for NetBeans compile-on-save (and possibly other IDE’s similar features) even when plugin dependencies are snapshots (possibly in the reactor).
-
Kohsuke Kawaguchi authored
-
Kohsuke Kawaguchi authored
-
Jesse Glick authored
-
Jesse Glick authored
-