Hi, I used impersonate with some success (sending a redirect to a plugin
API URL). However, the security context is not restored (logged in user
becomes SYSTEM!). If you know of a workaround, this could be a solution to
your problem.
For the record, I'm passing a runnable block.
But since this is an old question, if you have found a better solution in
the meantime I'd very much like to hear it :)
On Saturday, April 13, 2013 9:04:36 AM UTC+2, Jean Mertz wrote:
>
> Having said that. Apparently this technique doesn't work when doing HTTP
> requests. It still complaints about no user rights to access this page when
> accessing the plugin endpoint. I guess I would need to rewrite the plugin
> to use the earlier discussed UnprotectedRootAction to make this work.
>
>
> On Saturday, April 13, 2013 8:50:26 AM UTC+2, Jean Mertz wrote:
>>
>> Thank you for your help. Turns out I missed the most important part of
>> the examples where this technique was used, which is; the need to upgrade
>> to a specific version of jenkins-plugin to support ALC.impersonate. This
>> change made everything work correctly:
>>
>> <parent>
>> <groupId>org.jenkins-ci.plugins</groupId>
>> <artifactId>plugin</artifactId>- <version>1.424</version>+
>> <version>1.461</version>
>> </parent>
>>
>>
>> On Friday, April 12, 2013 9:48:13 PM UTC+2, Jesse Glick wrote:
>>>
>>> On 04/12/2013 01:02 AM, Jean Mertz wrote:
>>> > I could either use a block or two arguments
>>>
>>> Recent versions of Jenkins support passing a Runnable block, which is
>>> not what your initial attempt was. But for compatibility with versions in
>>> common use you probably
>>> cannot use this overload yet. Anyway it is not suitable for a block
>>> which needs to return a value, as yours does.
>>>
>>> > The second style I implemented like this:
>>> >
>>> > SecurityContext securityContext =
>>> ACL.impersonate(ACL.SYSTEM);
>>> > try {
>>> > return factory.getImage(project.getIconColor());
>>> > }finally {
>>> > SecurityContextHolder.setContext(securityContext);
>>> > }
>>>
>>> Looks right.
>>>
>>> > cannot find symbol
>>> > symbol : method impersonate(org.acegisecurity.Authentication)
>>>
>>> Problem in your development environment perhaps? Lots of code uses this
>>> idiom, as you can find by searching.
>>>
>>
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
