![]() |
|
|
|
|
Issue Type:
|
![Bug]() Bug
|
|
Assignee:
|
Unassigned |
|
Components:
|
core |
|
Created:
|
14/Oct/14 3:14 PM
|
|
Description:
|
Hello,
I've tried the following:
- I have a Jenkins installation on Debian stable with the most recent Jenkins release (via the official Jenkins repository)
- I have enabled security
- The anonymous user does not have any rights (not even 'Read'), because I don't want to show which nodes are active or which users are configured.
- Nobody is logged in
- I browse to http://localhost:8080/userContent/
Achieved result:
I see a login prompt.
Expected result:
I've seen ticket https://issues.jenkins-ci.org/browse/JENKINS-23259, which handles exactly the opposite situation.
According to the Wiki page at https://wiki.jenkins-ci.org/display/JENKINS/User+Content the userContent folder should be accessible.
<quote>Note that these files are not subject to any access controls.</quote>
Versions affected:
1.565.3, 1.580, 1.584
Is the Wiki page incomplete and should it mention that when the anonymous has no rights at all, userContent is protected, or should the userContent folder always be unprotected?
|
|
Project:
|
Jenkins
|
|
Priority:
|
![Minor]() Minor
|
|
Reporter:
|
Roland Clobus
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
[email protected].
For more options, visit
https://groups.google.com/d/optout.
