Thank you @Daniel. Great answer. This solves my problem.
On Thursday, 21 December 2017 13:49:36 UTC+1, Miguelangel Fernandez wrote:
>
> Hi everyone,
>
> I've written a Jenkins plugin to implement my own authentication mechanism
> by extending hudson.security.SecurityRealm. Now I'm trying to create my
> own custom "Access Denied" page, to display when a user types in the wrong
> password or simply doesn't have access. To do this, I've created a file
> called accessDenied.jelly. So let's say the name of my company is "Foo"
> and the structure of my plugin (simplified here for practical reasons) is
> this:
>
> src
> |---main
> |---java
> | |---com
> | |---foo
> | |---authn
> | |---MySecurityRealm.java
> |---resources
> | |---com
> | |---foo
> | |---authn
> | |---MySecurityRealm
> | |---config.jelly
> | |---accessDenied.jelly
> |---webapp
> |---images
> |---foo.png
>
> Now, I want to display my company logo -The foo.png file in the tree
> above- in my custom error page accessDenied.jelly. Again, for the sake of
> simplicity let's assume the short name of my plugin is simply foo and
> this is the content of accessDenied.jelly:
>
> <?jelly escape-by-default='true'?>
> <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define"
> xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
> <l:layout title="${%Login Error}" permission="${app.ANONYMOUS}">
> <l:main-panel>
> <h2>Access Denied</h2>
> <span class="message">
> You don't have access to this Jenkins console.
> </span>
> <img src="${app.getRootUrl()}plugin/foo/images/foo.png"/>
> </l:main-panel>
> </l:layout>
> </j:jelly>
>
> My problem here is I'm getting a broken image link for foo.png because
> the server returns a HTTP 403 Forbidden on serving it. Implying the user
> must be authenticated in order to access the static content in a plugin.
>
> If instead of my company logo I use ${app.getRootUrl()}/favicon.ico for
> the source of my image, I do get the Jenkins icon displayed.
>
> How can I make the static content in my plugin accessible without
> authentication? or public?
>
> Notice I tried setting permission="${app.ANONYMOUS}" in my Jelly file,
> but this refers to the view being rendered, not to any static assets
> referenced by it.
> If anyone would like the extra rep points in StackOverflow, I've posted
> the exact same question here:
>
> https://stackoverflow.com/q/47830458/4124574
>
> Thank you,
>
> Miguelángel Fernández M.
>
> Life is what happens to you while you're busy making other plans.
>
>
> --John Lennon.
>
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/d11efd4b-375b-4755-bbfc-14eb06aa0ba6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
