Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
LinuxSuRen
jenkins
提交
049c0ea4
J
jenkins
项目概览
LinuxSuRen
/
jenkins
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jenkins
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
049c0ea4
编写于
3月 23, 2011
作者:
S
Stephen Connolly
浏览文件
操作
浏览文件
下载
差异文件
Merge branch 'jenkins-1.400-trunk' into oss
上级
04584b80
c21918df
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
54 addition
and
9 deletion
+54
-9
changelog.html
changelog.html
+3
-0
core/pom.xml
core/pom.xml
+1
-1
core/src/main/java/hudson/security/PAMSecurityRealm.java
core/src/main/java/hudson/security/PAMSecurityRealm.java
+18
-8
test/src/test/java/hudson/security/PAMSecurityRealmTest.java
test/src/test/java/hudson/security/PAMSecurityRealmTest.java
+32
-0
未找到文件。
changelog.html
浏览文件 @
049c0ea4
...
...
@@ -59,6 +59,9 @@ Upcoming changes</a>
<div
id=
"trunk"
style=
"display:none"
>
<!--=TRUNK-BEGIN=-->
<ul
class=
image
>
<li
class=
>
<li
class=
bug
>
PAM authentication fails to restore group membership information on "remember me" tokens.
(
<a
href=
"http://issues.jenkins-ci.org/browse/JENKINS-9094"
>
issue 9094
</a>
)
</ul>
</div>
<!--=TRUNK-END=-->
...
...
core/pom.xml
浏览文件 @
049c0ea4
...
...
@@ -763,7 +763,7 @@ THE SOFTWARE.
<dependency>
<groupId>
org.jvnet.libpam4j
</groupId>
<artifactId>
libpam4j
</artifactId>
<version>
1.
2
</version>
<version>
1.
4
</version>
</dependency>
<dependency>
<groupId>
org.jvnet.libzfs
</groupId>
...
...
core/src/main/java/hudson/security/PAMSecurityRealm.java
浏览文件 @
049c0ea4
...
...
@@ -88,11 +88,7 @@ public class PAMSecurityRealm extends SecurityRealm {
try
{
UnixUser
u
=
new
PAM
(
serviceName
).
authenticate
(
username
,
password
);
Set
<
String
>
grps
=
u
.
getGroups
();
GrantedAuthority
[]
groups
=
new
GrantedAuthority
[
grps
.
size
()];
int
i
=
0
;
for
(
String
g
:
grps
)
groups
[
i
++]
=
new
GrantedAuthorityImpl
(
g
);
GrantedAuthority
[]
groups
=
toAuthorities
(
u
);
// I never understood why Acegi insists on keeping the password...
return
new
UsernamePasswordAuthenticationToken
(
username
,
password
,
groups
);
...
...
@@ -119,14 +115,28 @@ public class PAMSecurityRealm extends SecurityRealm {
public
UserDetails
loadUserByUsername
(
String
username
)
throws
UsernameNotFoundException
,
DataAccessException
{
if
(!
UnixUser
.
exists
(
username
))
throw
new
UsernameNotFoundException
(
"No such Unix user: "
+
username
);
// return some dummy instance
return
new
User
(
username
,
""
,
true
,
true
,
true
,
true
,
new
GrantedAuthority
[]{
AUTHENTICATED_AUTHORITY
});
try
{
UnixUser
uu
=
new
UnixUser
(
username
);
// return some dummy instance
return
new
User
(
username
,
""
,
true
,
true
,
true
,
true
,
toAuthorities
(
uu
));
}
catch
(
PAMException
e
)
{
throw
new
UsernameNotFoundException
(
"Failed to load information about Unix user "
+
username
,
e
);
}
}
}
);
}
private
static
GrantedAuthority
[]
toAuthorities
(
UnixUser
u
)
{
Set
<
String
>
grps
=
u
.
getGroups
();
GrantedAuthority
[]
groups
=
new
GrantedAuthority
[
grps
.
size
()+
1
];
int
i
=
0
;
for
(
String
g
:
grps
)
groups
[
i
++]
=
new
GrantedAuthorityImpl
(
g
);
groups
[
i
++]
=
AUTHENTICATED_AUTHORITY
;
return
groups
;
}
@Override
public
GroupDetails
loadGroupByGroupname
(
final
String
groupname
)
throws
UsernameNotFoundException
,
DataAccessException
{
if
(
CLibrary
.
libc
.
getgrnam
(
groupname
)==
null
)
...
...
test/src/test/java/hudson/security/PAMSecurityRealmTest.java
0 → 100644
浏览文件 @
049c0ea4
package
hudson.security
;
import
hudson.Functions
;
import
hudson.security.SecurityRealm.SecurityComponents
;
import
org.acegisecurity.userdetails.UsernameNotFoundException
;
import
org.jvnet.hudson.test.HudsonTestCase
;
import
java.util.Arrays
;
import
static
hudson
.
util
.
jna
.
GNUCLibrary
.*;
/**
* @author Kohsuke Kawaguchi
*/
public
class
PAMSecurityRealmTest
extends
HudsonTestCase
{
public
void
testLoadUsers
()
{
if
(
Functions
.
isWindows
())
return
;
// skip on Windows
SecurityComponents
sc
=
new
PAMSecurityRealm
(
"sshd"
).
getSecurityComponents
();
try
{
sc
.
userDetails
.
loadUserByUsername
(
"bogus-bogus-bogus"
);
fail
(
"no such user"
);
}
catch
(
UsernameNotFoundException
e
)
{
// expected
}
String
name
=
LIBC
.
getpwuid
(
LIBC
.
geteuid
()).
pw_name
;
System
.
out
.
println
(
Arrays
.
asList
(
sc
.
userDetails
.
loadUserByUsername
(
name
).
getAuthorities
()));
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录