Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-17103

Apply credentials also to separate server used from svn:externals

    Details

    • Similar Issues:

      Description

      See stackoverflow question and user for details including workaround.

        Attachments

          Issue Links

            Activity

            jglick Jesse Glick created issue -
            Hide
            winotu Chris Z added a comment -

            It will be quite nice feature to have.

            Show
            winotu Chris Z added a comment - It will be quite nice feature to have.
            winotu Chris Z made changes -
            Field Original Value New Value
            Link This issue is related to JENKINS-8312 [ JENKINS-8312 ]
            Hide
            jglick Jesse Glick added a comment -

            I think this kind of thing is handled better in the new refactoring branch.

            Show
            jglick Jesse Glick added a comment - I think this kind of thing is handled better in the new refactoring branch.
            jglick Jesse Glick made changes -
            Assignee stephenconnolly [ stephenconnolly ]
            Hide
            stephenconnolly Stephen Connolly added a comment -

            the 2.0 refactoring allows adding additional credentials which will be tried in turn for the svn:externals

            Show
            stephenconnolly Stephen Connolly added a comment - the 2.0 refactoring allows adding additional credentials which will be tried in turn for the svn:externals
            jglick Jesse Glick made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            Hide
            soukupmi michael soukup added a comment -

            Nice feature.

            The only issue I (and some others) have with this is - you must specify additional credentials now for all your external projects, even if they are on the same server.
            see JENKINS-21785
            maybe you could use the additional credentials only if the already provided credentials for the repository fail. Otherwise the workaround makes it a necessity to edit a lot of jobs.

            Show
            soukupmi michael soukup added a comment - Nice feature. The only issue I (and some others) have with this is - you must specify additional credentials now for all your external projects , even if they are on the same server . see JENKINS-21785 maybe you could use the additional credentials only if the already provided credentials for the repository fail. Otherwise the workaround makes it a necessity to edit a lot of jobs.
            soukupmi michael soukup made changes -
            Link This issue is blocking JENKINS-21785 [ JENKINS-21785 ]
            Hide
            stephenconnolly Stephen Connolly added a comment -

            This is a necessary security fix to resolve a vulnerability whereby commit access to one portion of a subversion repository can be used to hijack Jenkins' credentials (which are typically global read) to gain read access to the rest of the repository. A valid enhancement request would be a checkbox to allow opting in to using the module credentials on matching externals

            Show
            stephenconnolly Stephen Connolly added a comment - This is a necessary security fix to resolve a vulnerability whereby commit access to one portion of a subversion repository can be used to hijack Jenkins' credentials (which are typically global read) to gain read access to the rest of the repository. A valid enhancement request would be a checkbox to allow opting in to using the module credentials on matching externals
            Hide
            davida2009 David Aldrich added a comment -

            Hi Stephen,

            A valid enhancement request would be a checkbox to allow opting in to using the module credentials on matching externals

            Your suggested enhancement request sounds good to me. Can we treat this JIRA as that request, or is there another, or does one need to be created?
            BR
            David

            Show
            davida2009 David Aldrich added a comment - Hi Stephen, A valid enhancement request would be a checkbox to allow opting in to using the module credentials on matching externals Your suggested enhancement request sounds good to me. Can we treat this JIRA as that request, or is there another, or does one need to be created? BR David
            Hide
            danielbeck Daniel Beck added a comment -

            Stephen Connolly That looks a lot like what I'm suggesting here – or how'd you determine what "matching externals" are?

            Show
            danielbeck Daniel Beck added a comment - Stephen Connolly That looks a lot like what I'm suggesting here – or how'd you determine what "matching externals" are?
            stephenconnolly Stephen Connolly made changes -
            Status In Progress [ 3 ] Open [ 1 ]
            stephenconnolly Stephen Connolly made changes -
            Assignee stephenconnolly [ stephenconnolly ]
            rtyler R. Tyler Croy made changes -
            Workflow JNJira [ 147934 ] JNJira + In-Review [ 177035 ]

              People

              • Assignee:
                Unassigned
                Reporter:
                jglick Jesse Glick
              • Votes:
                6 Vote for this issue
                Watchers:
                15 Start watching this issue

                Dates

                • Created:
                  Updated: