|Security Concept for Hudson Plugins [message #898739]
||Fri, 27 July 2012 08:02
| Joern Gebhardt
Registered: July 2012
imagine the following scenario: You have a Hudson plugin that wants to inform some jobs about an event that took place (in our case we monitor an SCM system and rebuild all jobs that are affected by the SCM changes).
However, in a secured Hudson environment the method Hudson.getItems(AbstractProject.class) returns an empty list if the secured jobs do not have read access for anonymous.
As workaround the Hudson plugin can use the method Hudson.getItemMap() and extract the jobs out of the values of the map in order to bypass the security checks in the getItems() method.
Is it possible to run a plugin under a dedicated system user that has always read access to the jobs, even in a secured environment?
Thanks in advance,
Powered by FUDForum
. Page generated in 0.01536 seconds