Disable security

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Disable security

Lasse Baek
Hi,

We are running Hudson behind single sign-on, and therefore don't need
to secure Hudson. However, it means anyone that is logged in through
single sign-on can manage Hudson, and therefore also enable security.
When this is done, nobody can log in or manage Hudson. Is there a way
to disable security (or rather not be able to enable security)? I know
it's a hypothetical question, but anyhow it's a bit annoying :-)

Thanks,

Lasse

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: Disable security

David Weintraub-4
You can edit the $HUDSON_HOME/config.xml file to remove security if
someone turns it on, and you know of no other way to shut it off.

Simply edit the <useSecurity> parameter from "true" to "false", then
restart Hudson. Security will now be off.

-----Original Message-----
From: Lasse Baek [mailto:[hidden email]]
Sent: Thursday, October 25, 2007 3:17 AM
To: [hidden email]
Subject: Disable security

Hi,

We are running Hudson behind single sign-on, and therefore don't need
to secure Hudson. However, it means anyone that is logged in through
single sign-on can manage Hudson, and therefore also enable security.
When this is done, nobody can log in or manage Hudson. Is there a way
to disable security (or rather not be able to enable security)? I know
it's a hypothetical question, but anyhow it's a bit annoying :-)

Thanks,

Lasse

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Disable security

Lasse Baek
Yes, I'm aware of that. But I'm searching for a method where it's not
even possible to enable security through the web interface. It's
probably not possible at the moment. In case, it would be a nice
feature for a future release.

/Lasse

so it's maybe more as a feature request for

On 10/25/07, David Weintraub <[hidden email]> wrote:

> You can edit the $HUDSON_HOME/config.xml file to remove security if
> someone turns it on, and you know of no other way to shut it off.
>
> Simply edit the <useSecurity> parameter from "true" to "false", then
> restart Hudson. Security will now be off.
>
> -----Original Message-----
> From: Lasse Baek [mailto:[hidden email]]
> Sent: Thursday, October 25, 2007 3:17 AM
> To: [hidden email]
> Subject: Disable security
>
> Hi,
>
> We are running Hudson behind single sign-on, and therefore don't need
> to secure Hudson. However, it means anyone that is logged in through
> single sign-on can manage Hudson, and therefore also enable security.
> When this is done, nobody can log in or manage Hudson. Is there a way
> to disable security (or rather not be able to enable security)? I know
> it's a hypothetical question, but anyhow it's a bit annoying :-)
>
> Thanks,
>
> Lasse
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Disable security

Kohsuke Kawaguchi
Administrator

There's a blanket RFE
https://hudson.dev.java.net/issues/show_bug.cgi?id=326 to keep track of
this kind of things.

Lasse Baek wrote:

> Yes, I'm aware of that. But I'm searching for a method where it's not
> even possible to enable security through the web interface. It's
> probably not possible at the moment. In case, it would be a nice
> feature for a future release.
>
> /Lasse
>
> so it's maybe more as a feature request for
>
> On 10/25/07, David Weintraub <[hidden email]> wrote:
>> You can edit the $HUDSON_HOME/config.xml file to remove security if
>> someone turns it on, and you know of no other way to shut it off.
>>
>> Simply edit the <useSecurity> parameter from "true" to "false", then
>> restart Hudson. Security will now be off.
>>
>> -----Original Message-----
>> From: Lasse Baek [mailto:[hidden email]]
>> Sent: Thursday, October 25, 2007 3:17 AM
>> To: [hidden email]
>> Subject: Disable security
>>
>> Hi,
>>
>> We are running Hudson behind single sign-on, and therefore don't need
>> to secure Hudson. However, it means anyone that is logged in through
>> single sign-on can manage Hudson, and therefore also enable security.
>> When this is done, nobody can log in or manage Hudson. Is there a way
>> to disable security (or rather not be able to enable security)? I know
>> it's a hypothetical question, but anyhow it's a bit annoying :-)
>>
>> Thanks,
>>
>> Lasse
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>

--
Kohsuke Kawaguchi
Sun Microsystems                   [hidden email]

smime.p7s (4K) Download Attachment