Do plugins need security settings?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Do plugins need security settings?

Joe Fair-2
I'm working on a Rancher build agent plugin where the agents use JNLP.

When I enable RBAC it doesn't work, but if I allow anonymous access it does.

I think the communication is getting fouled up between the rancher agent and the server, but why would it work if we allow anon access?

Thx,
Joe

--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/b16f1bf7-ef94-4def-8012-1015b2e3d3f5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: Do plugins need security settings?

Joe Fair-2
More directly, does a plugin need a security role to add or remove jobs from the job queue?

On Wednesday, May 30, 2018 at 3:59:48 PM UTC-4, Joe Fair wrote:
I'm working on a Rancher build agent plugin where the agents use JNLP.

When I enable RBAC it doesn't work, but if I allow anonymous access it does.

I think the communication is getting fouled up between the rancher agent and the server, but why would it work if we allow anon access?

Thx,
Joe

--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/737c4998-23c7-4561-985b-dbf3edb5f1b9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: Do plugins need security settings?

Jesse Glick-4
In reply to this post by Joe Fair-2
On Wed, May 30, 2018 at 3:59 PM, Joe Fair <[hidden email]> wrote:
> I think the communication is getting fouled up between the rancher agent and
> the server, but why would it work if we allow anon access?

Because you did something wrong. With no details or source code link,
it is pretty much impossible to help you, beyond pointing to the
generic

https://jenkins.io/doc/developer/security/

--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CANfRfr0KjBA7kwQqboT2OqXSxGLG6928ngdp4zzjcrFJ%3DF%2B8iw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.