diff --git a/core/src/main/java/jenkins/diagnostics/SecurityIsOffMonitor.java b/core/src/main/java/jenkins/diagnostics/SecurityIsOffMonitor.java new file mode 100644 index 0000000000000000000000000000000000000000..23148724b23ba1f40eacabeb7c7983a2ce91cdf5 --- /dev/null +++ b/core/src/main/java/jenkins/diagnostics/SecurityIsOffMonitor.java @@ -0,0 +1,38 @@ +package jenkins.diagnostics; + +import hudson.Extension; +import hudson.model.AdministrativeMonitor; +import jenkins.model.Jenkins; +import org.kohsuke.stapler.StaplerRequest; +import org.kohsuke.stapler.StaplerResponse; + +import java.io.IOException; + +/** + * Unsecured Jenkins is, well, insecure. + * + *
+ * Call attention to the fact that Jenkins is not secured, and encourage the administrator
+ * to take an action.
+ *
+ * @author Kohsuke Kawaguchi
+ */
+@Extension
+public class SecurityIsOffMonitor extends AdministrativeMonitor {
+ @Override
+ public boolean isActivated() {
+ return !Jenkins.getInstance().isUseSecurity();
+ }
+
+ /**
+ * Depending on whether the user said "yes" or "no", send him to the right place.
+ */
+ public void doAct(StaplerRequest req, StaplerResponse rsp) throws IOException {
+ if(req.hasParameter("no")) {
+ disable(true);
+ rsp.sendRedirect(req.getContextPath()+"/manage");
+ } else {
+ rsp.sendRedirect(req.getContextPath()+"/configureSecurity");
+ }
+ }
+}
diff --git a/core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message.jelly b/core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message.jelly
new file mode 100644
index 0000000000000000000000000000000000000000..d757f6e441edc5ee5b7a0eb1ed232a1ed6f1b0df
--- /dev/null
+++ b/core/src/main/resources/jenkins/diagnostics/SecurityIsOffMonitor/message.jelly
@@ -0,0 +1,36 @@
+
+
+
+