The plugin originally used `Action` instead of `RootAction`. Given that
`Action` is a subclass of `UnprotectedRootAction`, would it suffice to swap
the implement?
Like so:
# ...import hudson.model.UnprotectedRootAction;
public class BadgeAction implements UnprotectedRootAction {
# ...
public HttpResponse doIcon() {
return factory.getImage(project.getIconColor());
}
}
I tried this, and the plugin still works, but the url is still not
accessible as anonymous. Is there anything else I need to implement (or is
there some documentation on this)? Thank you.
$ curl -i -X HEAD http://ciserver/job/continuous-integration/badge/icon
HTTP/1.1 403 Forbidden
<html><head><meta http-equiv='refresh'
content='1;url=/login?from=%2Fjob%2Fcontinuous-integration%2Fbadge%2Ficon'/><script>window.location.replace('/login?from=%2Fjob%2Fcontinuous-integration%2Fbadge%2Ficon');</script></head><body
style='background-color:white; color:white;'>Authentication
required</body></html>
On Thursday, April 11, 2013 2:19:11 PM UTC+2, Stephen Connolly wrote:
>
> implements/extends UnprotectedRootAction in place of RootAction
>
>
> On 11 April 2013 13:15, Jean Mertz <[email protected] <javascript:>> wrote:
>
>> I'm using a custom version of the
>> embeddable-build-status-plugin<https://github.com/kabisaict/embeddable-build-status-plugin/tree/shields>which
>> allows us to show a status badge in the project documentation. We
>> also use *Global Security* (using Project-based Matrix Authorization
>> Strategy) where Anonymous gets no access rights at all.
>>
>> This prevents us from accessing the url provided by the plugin when not
>> logged in. The only work-around seems to give Anonymous the "overall read"
>> rights. This works, but we prefer not to give any rights at all and simply
>> show a login screen when someone visits our Jenkins server, which is not
>> possible when giving anonymous the read right.
>>
>> Is there any way to mark a plugin endpoint as "outside the security
>> realm", by either modifying the plugin or setting this in Jenkins itself?
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Jenkins Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>>
>>
>
>
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
