Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
LinuxSuRen
jenkins
提交
db1b7eef
J
jenkins
项目概览
LinuxSuRen
/
jenkins
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jenkins
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
db1b7eef
编写于
4月 19, 2012
作者:
R
Rob Petti
提交者:
Kohsuke Kawaguchi
4月 25, 2012
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
[FIXED JENKINS-13526] use '@' prefix to force PAM to interpret the user/group as a group
上级
22583135
变更
3
显示空白变更内容
内联
并排
Showing
3 changed file
with
19 addition
and
4 deletion
+19
-4
changelog.html
changelog.html
+3
-0
core/src/main/java/hudson/security/PAMSecurityRealm.java
core/src/main/java/hudson/security/PAMSecurityRealm.java
+9
-3
core/src/main/resources/hudson/security/PAMSecurityRealm/help.html
...main/resources/hudson/security/PAMSecurityRealm/help.html
+7
-1
未找到文件。
changelog.html
浏览文件 @
db1b7eef
...
...
@@ -63,6 +63,9 @@ Upcoming changes</a>
<li
class=
bug
>
End up more gracefully if there's some problem when searching for user partipication in the build
(
<a
href=
"https://issues.jenkins-ci.org/browse/JENKINS-13564"
>
issue 13564
</a>
)
<li
class=
rfe
>
PAM authentication supports '@group' to force interpretation as a group instead of user.
(
<a
href=
"https://issues.jenkins-ci.org/browse/JENKINS-13526"
>
issue 13526
</a>
)
<li
class=
rfe
>
Added a DISCOVER permission to allow anonymous users to be presented the login screen
when accessing job URLs.
...
...
core/src/main/java/hudson/security/PAMSecurityRealm.java
浏览文件 @
db1b7eef
...
...
@@ -104,12 +104,18 @@ public class PAMSecurityRealm extends AbstractPasswordBasedSecurityRealm {
@Override
public
GroupDetails
loadGroupByGroupname
(
final
String
groupname
)
throws
UsernameNotFoundException
,
DataAccessException
{
if
(
CLibrary
.
libc
.
getgrnam
(
groupname
)==
null
)
throw
new
UsernameNotFoundException
(
groupname
);
final
String
group
;
if
(
groupname
.
startsWith
(
"@"
))
{
group
=
groupname
.
substring
(
1
);
}
else
{
group
=
groupname
;
}
if
(
CLibrary
.
libc
.
getgrnam
(
group
)==
null
)
throw
new
UsernameNotFoundException
(
group
);
return
new
GroupDetails
()
{
@Override
public
String
getName
()
{
return
group
name
;
return
group
;
}
};
}
...
...
core/src/main/resources/hudson/security/PAMSecurityRealm/help.html
浏览文件 @
db1b7eef
...
...
@@ -7,6 +7,12 @@
This mode will also allow you to use Unix groups for authorization. For example,
you can say "everyone in the 'developers' group will have the administrator access".
<p>
Unix allows an user and a group to have the same name. If you need to disambiguate,
you can use the '@' prefix to force the name to be interpreted as a group. For example,
'@dev' would mean the 'dev' group and not the 'dev' user, while 'dev' would be interpreted
as an user if you indeed have the user of that name.
<p>
This is done through a library called
<a
href=
"http://en.wikipedia.org/wiki/Pluggable_Authentication_Modules"
>
PAM
</a>
,
which defines its own configuration mechanism.
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录