Skip to content
  1. Apr 02, 2014
  2. Apr 01, 2014
  3. Mar 31, 2014
  4. Mar 28, 2014
  5. Mar 27, 2014
  6. Mar 26, 2014
  7. Mar 25, 2014
  8. Mar 24, 2014
  9. Mar 22, 2014
  10. Mar 21, 2014
  11. Mar 20, 2014
  12. Mar 18, 2014
  13. Mar 17, 2014
  14. Mar 14, 2014
  15. Mar 13, 2014
  16. Mar 12, 2014
    • Kohsuke Kawaguchi's avatar
      [JENKINS-20064] · 0e339d7a
      Kohsuke Kawaguchi authored
      Jenkins now remembers the authorities (read group memberships) that the user had carried when he/she last time interactively logged in.
      This information is exposed via User.impersonate(), which is used when using Jenkins SSH, Jenkins CLI, or access via API tokens.
      
      Previously this was impossible for a subset of SecurityRealms that does not allow us to read group membership information without
      successful login (such as Active Directory, OpenID, etc.)
      
      For security reasons, if the backend determines that the user does not exist (as opposed to the backend who cannot tell if the user
      exists or not), then the impersonation will fail.
      
      I need to check AD plugin is reporting a failure correctly in this case, before marking as JENKINS-20064 fixed.
      0e339d7a
  17. Mar 11, 2014
    • Kohsuke Kawaguchi's avatar
      [JENKINS-11643] · 2dbd6eca
      Kohsuke Kawaguchi authored
      An unexpected failure in processing remember me cookie should be handled
      gracefully. In particular, possibly problematic cookie should be
      removed, or else the browser will keep bombarding the server with the
      same cookie, and will never be able to get through.
      
      It's much better to just drop the cookie.
      2dbd6eca
  18. Mar 10, 2014
  19. Mar 08, 2014
  20. Mar 03, 2014
  21. Feb 27, 2014
Loading