Good point. I just addressed it in the proposal and the Essentials tests.

The proposal is updated:
https://github.com/batmat/jep/tree/JENKINS-50294/jep/0000
FTR, the associated PR on Essentials side:
https://github.com/jenkins-infra/evergreen/pull/52

I chose to go with /instance-identity, because I thought it might become
useful in the near future to extract/check the instance-identity, so it
looked like a better guess than /whoAmI where we always get the page for
anonymous.

2018-04-11 15:48 GMT+02:00 Jesse Glick <jgl...@cloudbees.com>:

> On Wed, Apr 11, 2018 at 9:05 AM, James Nord <jamestn...@gmail.com> wrote:
> > Whilst currently the /login page
> > returns a 200 it should only do this if you are not logged in and are
> using
> > an AbstractPasswordBasedSecurityRealm based SecurityRealm.
>
> Good point, this is not a good choice of page for a general-purpose
> anonymous HTML rendering check. I would suggest `/instance-identity/`
> (from `IdentityRootAction/index.jelly`). You could also use `/whoAmI/`
> (from `WhoAmI/index.jelly`).
>
> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jenkinsci-dev+unsubscr...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/jenkinsci-dev/CANfRfr3iufgV6J5eSf72tYk87ZXE%3DfBWk-d3WTfuME_0jmrBTA%
> 40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CANWgJS4_KqMHRYRz4kEUuRRSYPeDUan%3DKyy01JwJpLHeiTcJ_g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to