Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-3796

Allow CLI to provide basic authentication

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Component/s: cli
    • Labels:
      None
    • Environment:
      Platform: All, OS: All

      Description

      Currently there is no way to supply Hudson credentials to hudson-cli, making it
      unusable to those who do not allow anonymous access to Hudson.

        Activity

        hopfrog238 hopfrog238 created issue -
        Hide
        huybrechts huybrechts added a comment -

        Initial implementation at http://github.com/huybrechts/hudson/tree/cli-auth
        Needs some more consideration about possible security issues.

        Show
        huybrechts huybrechts added a comment - Initial implementation at http://github.com/huybrechts/hudson/tree/cli-auth Needs some more consideration about possible security issues.
        Hide
        scm_issue_link SCM/JIRA link daemon added a comment -

        Code changed in hudson
        User: : kohsuke
        Path:
        trunk/hudson/main/core/src/main/java/hudson/cli/CLICommand.java
        trunk/hudson/main/core/src/main/java/hudson/cli/CliManagerImpl.java
        trunk/hudson/main/core/src/main/java/hudson/security/AbstractPasswordBasedSecurityRealm.java
        trunk/hudson/main/core/src/main/java/hudson/security/CliAuthenticator.java
        trunk/hudson/main/core/src/main/java/hudson/security/SecurityRealm.java
        trunk/hudson/main/test/src/test/java/hudson/security/CliAuthenticationTest.java
        trunk/www/changelog.html
        http://jenkins-ci.org/commit/28296
        Log:
        [FIXED JENKINS-3796] implemented an extensible authentication scheme for CLI clients.

        Show
        scm_issue_link SCM/JIRA link daemon added a comment - Code changed in hudson User: : kohsuke Path: trunk/hudson/main/core/src/main/java/hudson/cli/CLICommand.java trunk/hudson/main/core/src/main/java/hudson/cli/CliManagerImpl.java trunk/hudson/main/core/src/main/java/hudson/security/AbstractPasswordBasedSecurityRealm.java trunk/hudson/main/core/src/main/java/hudson/security/CliAuthenticator.java trunk/hudson/main/core/src/main/java/hudson/security/SecurityRealm.java trunk/hudson/main/test/src/test/java/hudson/security/CliAuthenticationTest.java trunk/www/changelog.html http://jenkins-ci.org/commit/28296 Log: [FIXED JENKINS-3796] implemented an extensible authentication scheme for CLI clients.
        scm_issue_link SCM/JIRA link daemon made changes -
        Field Original Value New Value
        Status Open [ 1 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Hide
        hopfrog238 hopfrog238 added a comment -

        So, how does one pass authentication information to the cli client? I've tried --username and --password without success.

        Show
        hopfrog238 hopfrog238 added a comment - So, how does one pass authentication information to the cli client? I've tried --username and --password without success.
        Hide
        plouj plouj added a comment -

        This patch is based on Tom Huybrechts' work. It adds support for BASIC authentication when executing CLI commands over HTTP (not the CLI port). To use use BASIC authentication the user of CLI has to supply the username and password inside the URL. For example:

        http://user:password@hudson.example.com/

        Show
        plouj plouj added a comment - This patch is based on Tom Huybrechts' work. It adds support for BASIC authentication when executing CLI commands over HTTP (not the CLI port). To use use BASIC authentication the user of CLI has to supply the username and password inside the URL. For example: http://user:password@hudson.example.com/
        plouj plouj made changes -
        Attachment cli-basic-auth.patch [ 19577 ]
        Hide
        plouj plouj added a comment -

        This fixes the previous patch by making it compilable, using Apache commons codec and removing print statements.

        Show
        plouj plouj added a comment - This fixes the previous patch by making it compilable, using Apache commons codec and removing print statements.
        plouj plouj made changes -
        Attachment cli-basic-auth2.patch [ 19593 ]
        Hide
        plouj plouj added a comment -

        I would like to re-open this issue so that the patch that provides basic HTTP authentication gets applied.

        Show
        plouj plouj added a comment - I would like to re-open this issue so that the patch that provides basic HTTP authentication gets applied.
        plouj plouj made changes -
        Resolution Fixed [ 1 ]
        Status Resolved [ 5 ] Reopened [ 4 ]
        Hide
        scm_issue_link SCM/JIRA link daemon added a comment -

        Code changed in hudson
        User: : kohsuke
        Path:
        trunk/hudson/main/cli/src/main/java/hudson/cli/FullDuplexHttpStream.java
        trunk/www/changelog.html
        http://jenkins-ci.org/commit/33167
        Log:
        [FIXED JENKINS-3796]
        CLI can now work with a reverse proxy that requires BASIC auth.
        (<a href="http://issues.jenkins-ci.org/browse/JENKINS-3796">issue 3796</a>)

        Show
        scm_issue_link SCM/JIRA link daemon added a comment - Code changed in hudson User: : kohsuke Path: trunk/hudson/main/cli/src/main/java/hudson/cli/FullDuplexHttpStream.java trunk/www/changelog.html http://jenkins-ci.org/commit/33167 Log: [FIXED JENKINS-3796] CLI can now work with a reverse proxy that requires BASIC auth. (<a href="http://issues.jenkins-ci.org/browse/JENKINS-3796">issue 3796</a>)
        scm_issue_link SCM/JIRA link daemon made changes -
        Status Reopened [ 4 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        abayer abayer made changes -
        Status Resolved [ 5 ] Closed [ 6 ]

          People

          • Assignee:
            Unassigned
            Reporter:
            hopfrog238 hopfrog238
          • Votes:
            5 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: