Commit f488ba8c
Authored on March 11, 2014 by CloudBees DEV@Cloud
Merge REMERGE_HEAD into HEAD
Parents: 967a9aae, 2dbd6eca
Showing 3 changed files with 145 additions and 0 deletions (+145 -0)
changelog.html (+3 -0)
core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java (+11 -0)
test/src/test/groovy/hudson/security/TokenBasedRememberMeServices2Test.groovy (+131 -0)
changelog.html
...
...
@@ -63,6 +63,9 @@ Upcoming changes</a>
<div
id=
"rc"
style=
"display:none;"
>
<!--=BEGIN=-->
<h3><a
name=
v1.555
>
What's new in 1.555
</a>
<!--=DATE=-->
</h3>
<ul
class=
image
>
<li
class=
bug
>
Jenkins should recover gracefully from a failure to process "remember me" cookie
(
<a
href=
"https://issues.jenkins-ci.org/browse/JENKINS-11643"
>
issue 11643
</a>
)
<li
class=
bug
>
Fixed Up link in matrix projects
(
<a
href=
"https://issues.jenkins-ci.org/browse/JENKINS-21773"
>
issue 21773
</a>
)
...
...
core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java
...
...
@@ -28,6 +28,7 @@ import java.util.Date;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
hudson.Functions
;
import
jenkins.model.Jenkins
;
import
jenkins.security.HMACConfidentialKey
;
import
org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
;
...
...
@@ -100,6 +101,16 @@ public class TokenBasedRememberMeServices2 extends TokenBasedRememberMeServices
}
}
@Override
public
Authentication
autoLogin
(
HttpServletRequest
request
,
HttpServletResponse
response
)
{
try
{
return
super
.
autoLogin
(
request
,
response
);
}
catch
(
Exception
e
)
{
cancelCookie
(
request
,
response
,
"Failed to handle remember-me cookie: "
+
Functions
.
printThrowable
(
e
));
return
null
;
}
}
/**
* Used to compute the token signature securely.
*/
...
...
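Review bot: in the new autoLogin override, the catch block reports the failure only through the reason string handed to cancelCookie, and the accompanying test has to raise the TokenBasedRememberMeServices logger to FINEST before it can find that message, which suggests it is emitted below the default log level. A security realm that throws on every remember-me lookup would then drop every remembered user to an anonymous session with nothing visible to an administrator, so consider also logging the exception at WARNING inside the catch block. The catch (Exception e) is broad, and returning null after cancelling the cookie fails closed, which is the safe direction; a short comment on the method saying this is intentional and pointing at JENKINS-11643 would keep a later cleanup from narrowing it.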
test/src/test/groovy/hudson/security/TokenBasedRememberMeServices2Test.groovy
0 → 100644
package
hudson.security
import
com.gargoylesoftware.htmlunit.html.HtmlForm
import
com.gargoylesoftware.htmlunit.html.HtmlPage
import
org.acegisecurity.AuthenticationException
import
org.acegisecurity.BadCredentialsException
import
org.acegisecurity.GrantedAuthority
import
org.acegisecurity.GrantedAuthorityImpl
import
org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices
import
org.acegisecurity.userdetails.User
import
org.acegisecurity.userdetails.UserDetails
import
org.acegisecurity.userdetails.UsernameNotFoundException
import
org.apache.commons.httpclient.Cookie
import
org.junit.After
import
org.junit.Before
import
org.junit.Rule
import
org.junit.Test
import
org.jvnet.hudson.test.JenkinsRule
import
org.springframework.dao.DataAccessException
import
java.util.logging.Handler
import
java.util.logging.Level
import
java.util.logging.LogRecord
import
java.util.logging.Logger
import
static
java
.
util
.
logging
.
Level
.
FINEST
/**
*
*
* @author Kohsuke Kawaguchi
*/
class
TokenBasedRememberMeServices2Test
{
@Rule
public
JenkinsRule
j
=
new
JenkinsRule
();
private
boolean
failureInduced
;
private
Logger
logger
=
Logger
.
getLogger
(
TokenBasedRememberMeServices
.
class
.
name
)
private
List
<
LogRecord
>
logs
=
[]
private
Handler
loghandler
@Before
public
void
setUp
()
{
loghandler
=
new
Handler
()
{
@Override
void
publish
(
LogRecord
record
)
{
logs
.
add
(
record
);
}
@Override
void
flush
()
{
}
@Override
void
close
()
throws
SecurityException
{
}
}
loghandler
.
level
=
FINEST
logger
.
addHandler
(
loghandler
)
logger
.
level
=
FINEST
}
@After
public
void
tearDown
()
{
logger
.
removeHandler
(
loghandler
);
logger
.
level
=
null
}
@Test
public
void
bogusTokenWillNotClearItself
()
{
j
.
jenkins
.
securityRealm
=
new
BogusSecurityRealm
()
def
wc
=
j
.
createWebClient
()
loginWithRememberMe
(
wc
)
// we should see a remember me cookie
def
c
=
getRememberMeCookie
(
wc
)
assert
c
!=
null
// start a new session and attempt to access Jenkins,
// which should cause autoLogin failures
wc
=
j
.
createWebClient
()
wc
.
cookieManager
.
addCookie
(
c
);
// even if SecurityRealm chokes, it shouldn't kill the page
logs
.
clear
()
wc
.
goTo
(
""
)
// make sure that the server recorded this failure
assert
failureInduced
assert
logs
.
find
{
it
.
message
.
contains
(
"intentionally not working"
)}!=
null
// and the problematic cookie should have been removed
assert
getRememberMeCookie
(
wc
)==
null
}
private
Cookie
getRememberMeCookie
(
JenkinsRule
.
WebClient
wc
)
{
wc
.
cookieManager
.
getCookie
(
TokenBasedRememberMeServices2
.
ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY
)
}
private
void
loginWithRememberMe
(
JenkinsRule
.
WebClient
wc
)
{
HtmlPage
page
=
wc
.
goTo
(
"login"
);
HtmlForm
form
=
page
.
getFormByName
(
"login"
);
form
.
getInputByName
(
"j_username"
).
valueAttribute
=
"alice"
form
.
getInputByName
(
"j_password"
).
valueAttribute
=
"alice"
form
.
getInputByName
(
"remember_me"
).
checked
=
true
form
.
submit
(
null
);
}
private
class
BogusSecurityRealm
extends
AbstractPasswordBasedSecurityRealm
{
@Override
protected
UserDetails
authenticate
(
String
username
,
String
password
)
throws
AuthenticationException
{
if
(
username
==
password
)
return
new
User
(
username
,
password
,
true
,[
new
GrantedAuthorityImpl
(
"myteam"
)]
as
GrantedAuthority
[])
throw
new
BadCredentialsException
(
username
);
}
@Override
GroupDetails
loadGroupByGroupname
(
String
groupname
)
throws
UsernameNotFoundException
,
DataAccessException
{
throw
new
UnsupportedOperationException
()
}
@Override
UserDetails
loadUserByUsername
(
String
username
)
throws
UsernameNotFoundException
,
DataAccessException
{
failureInduced
=
true
throw
new
IllegalArgumentException
(
"intentionally not working"
);
}
}
}
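Review bot: the test method name bogusTokenWillNotClearItself says the opposite of what the test asserts; its final check is getRememberMeCookie(wc)==null, that is, the problematic cookie has been removed. Rename it to describe the expected behaviour, for example failedAutoLoginClearsRememberMeCookie. The class Javadoc is also empty apart from the @author tag; one sentence saying that the test covers JENKINS-11643, using a security realm whose loadUserByUsername always throws, would tell the next reader why BogusSecurityRealm exists.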