I'd agree with Wendy, at least at this point. There's no need for the complexity of user or project-level auth on the build agent. We also should remember that anyone that can run a build, can access every working copy on the agent via the backdoor :)
I do think there's some value to per-user access to the WC from the agent over HTTP, as long as none of the info is duplicated - but I'd consider that a separate feature, not a core part of how this should be implemented. - Brett On 01/06/2011, at 9:18 PM, Wendy Smoak wrote: > On Tue, May 31, 2011 at 4:57 AM, Deng Ching <[email protected]> wrote: >> Currently, there is no security implemented for accessing (read-only) the >> working copies in the build agent via webdav. For CONTINUUM-2632, I'm >> planning to use a similar mechanism as with Maven when downloading/getting >> artifacts from a secured repository: > ... > > This seems to imply that people would be accessing the build agent > individually? I don't think the build agent needs to know about users > -- the access should all go through the master which can handle > security via the user database. > > If you introduce an xml file on the build agent, how would it get > populated for a new build agent, or updated for an existing one? It > also seems like that file would duplicate information already stored > in the user database (what user can see what group). > > I think the build agent should only respond to requests from the > master. It shouldn't be talking to anybody else. As long as it has > some way to verify that the request is indeed coming from the master, > I think that's enough to keep the working copies reasonably secure. > > -- > Wendy -- Brett Porter [email protected] http://brettporter.wordpress.com/ http://au.linkedin.com/in/brettporter
