Hi,
Thanks for comments.
I expect Jenkins provides more options for build authorization as Jenkins
now warns users for build authorizations as Rene pointed.
Trigger restrictions look just what I expected to replace
`QueueItemAuthenticator`.
It's only a part of replacements of `QueueItemAuthenticator` (only
Job.BUILD as pointed), and I want to know whether there are other
permissions to support with the alternative of `QueueItemAuthenticator`.
As far as I know:
* Job.Build: replaced with Trigger restrictions.
* Job.Read: CopyArtifactPermissionProperty (applicable only to copyartifact)
Let me know if there are other permissions to support.
Impersonation-plugin and JENKINS-15063 both would be a great step to
resolve issues relating to authentication and authorization.
But I'm afraid they might not resolve all issues. I believe following three
issues exist:
* The configuration should not belong to a specific real user.
* For example, both user A and B in the same division should be able to
configure the job.
* Impersonate-plugin would resolve this issue.
* Jenkins administrators may not be administrators of authentication server
(LDAP, ActiveDirectory so on).
* It means Jenkins administrators may not be able to add users and
groups at their will.
* JENKINS-15063 would allow administrators to add Jenkins-specific
users and groups.
* Authentication mechanism to restrict users to configure build
authorization.
* Actually it's not so easy. Authorize-project costs much to implement
this.
Regards,
Ikedam
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/308b05c7-4c3c-4c1f-b06b-0356a5012c79%40googlegroups.com.
