![]() |
|
|
|
|
Issue Type:
|
![Bug]() Bug
|
|
Assignee:
|
Unassigned |
|
Components:
|
core |
|
Created:
|
14/Oct/14 3:14 PM
|
|
Description:
|
Hello,
I've tried the following:
- I have a Jenkins installation on Debian stable with the most recent Jenkins release (via the official Jenkins repository)
- I have enabled security
- The anonymous user does not have any rights (not even 'Read'), because I don't want to show which nodes are active or which users are configured.
- Nobody is logged in
- I browse to http://localhost:8080/userContent/
Achieved result:
I see a login prompt.
Expected result:
I've seen ticket https://issues.jenkins-ci.org/browse/JENKINS-23259, which handles exactly the opposite situation.
According to the Wiki page at https://wiki.jenkins-ci.org/display/JENKINS/User+Content the userContent folder should be accessible.
<quote>Note that these files are not subject to any access controls.</quote>
Versions affected:
1.565.3, 1.580, 1.584
Is the Wiki page incomplete and should it mention that when the anonymous has no rights at all, userContent is protected, or should the userContent folder always be unprotected?
|
|
Project:
|
Jenkins
|
|
Priority:
|
![Minor]() Minor
|
|
Reporter:
|
Roland Clobus
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit
https://groups.google.com/d/optout.
