> > Login URL > > We check that: > > - > > it is reachable, > - > > and returns a 200 HTTP status code. > > I think that is potentially a bad idea. Whilst currently the /login page returns a 200 it should only do this if you are not logged in and are using an AbstractPasswordBasedSecurityRealm based SecurityReakm. For a non username password provider (google/SAML etc) IMO it should redirect to the actual login url AuthRealm (link <http://javadoc.jenkins.io/hudson/security/SecurityRealm.html#getLoginUrl--> ).
I consider the current behaviour of showing a username/password form a bug if you are either logged in or are not using something that can actually authenticate with a username and password. Regards /James -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/38b68e1c-c962-4cd0-947d-a0228672598f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
