Hi everyone,
I've written a Jenkins plugin to implement my own authentication mechanism
by extending hudson.security.SecurityRealm. Now I'm trying to create my own
custom "Access Denied" page, to display when a user types in the wrong
password or simply doesn't have access. To do this, I've created a file
called accessDenied.jelly. So let's say the name of my company is "Foo" and
the structure of my plugin (simplified here for practical reasons) is this:
src
|---main
|---java
| |---com
| |---foo
| |---authn
| |---MySecurityRealm.java
|---resources
| |---com
| |---foo
| |---authn
| |---MySecurityRealm
| |---config.jelly
| |---accessDenied.jelly
|---webapp
|---images
|---foo.png
Now, I want to display my company logo -The foo.png file in the tree above-
in my custom error page accessDenied.jelly. Again, for the sake of
simplicity let's assume the short name of my plugin is simply foo and this
is the content of accessDenied.jelly:
<?jelly escape-by-default='true'?>
<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler"
xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson"
xmlns:f="/lib/form">
<l:layout title="${%Login Error}" permission="${app.ANONYMOUS}">
<l:main-panel>
<h2>Access Denied</h2>
<span class="message">
You don't have access to this Jenkins console.
</span>
<img src="${app.getRootUrl()}plugin/foo/images/foo.png"/>
</l:main-panel>
</l:layout>
</j:jelly>
My problem here is I'm getting a broken image link for foo.png because the
server returns a HTTP 403 Forbidden on serving it. Implying the user must
be authenticated in order to access the static content in a plugin.
If instead of my company logo I use ${app.getRootUrl()}/favicon.ico for the
source of my image, I do get the Jenkins icon displayed.
How can I make the static content in my plugin accessible without
authentication? or public?
Notice I tried setting permission="${app.ANONYMOUS}" in my Jelly file, but
this refers to the view being rendered, not to any static assets referenced
by it.
If anyone would like the extra rep points in StackOverflow, I've posted the
exact same question here:
https://stackoverflow.com/q/47830458/4124574
Thank you,
Miguelángel Fernández M.
Life is what happens to you while you're busy making other plans.
--John Lennon.
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/CAK2td25JiJ%3DoMzUYBvg%2BH_17nfm0zREpM%3DYnJuKaORHJNDoyng%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
