Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Plugin cannot retreive data from password-protected Jenkins #2

Open
jatalahd opened this issue Apr 3, 2013 · 9 comments
Open

Plugin cannot retreive data from password-protected Jenkins #2

jatalahd opened this issue Apr 3, 2013 · 9 comments

Comments

@jatalahd
Copy link

jatalahd commented Apr 3, 2013

Thank you for a nice gadget, however there does not seem to be a way to fetch the build status when the anonymous user is blocked by the security rules. So it would be a nice enhancement if there would be a way to get the build information as another user than the default "anonymous" user.

@velias
Copy link
Member

velias commented Apr 3, 2013

Hi,
thanks for this idea. Unfortunately it's not as simple to make authorized requests from Gadget to the Jenkins remote API.

On the gadget side, authorization possibilities are very limited (OAuth and Signet methods), see https://developers.google.com/gadgets/docs/reference/#gadgets.io.makeRequest

Jenkins remote API supports HTTP basic authentication only, see https://wiki.jenkins-ci.org/display/JENKINS/Remote+access+API

So there is not any way for now how to implement this feature. OAuth support on Jenkins REST API is missing.

@jatalahd
Copy link
Author

jatalahd commented Apr 3, 2013

Ok, I thought it might get complicated when it comes to authorization. Thank you for giving the analysis on the underlying details. I will use the Jenkins gadget as it is now and try to get around the security limitations in some other ways. Maybe it is possible to just forward the build outcome from the secured Jenkins instance to some public Jenkins which acts only as the "reporting" instance. You can close this issue if you see that it is not possible to "fix" it.

@velias velias closed this as completed Apr 4, 2013
@velias
Copy link
Member

velias commented Jun 6, 2013

Latest review for the plugin brought me some idea how to implement this feature.
Gadget should make http requests against special "proxy" handler inside JIRA, which will add http basic authentication header into call and proxy back response. Some Administration page should be added into JIRA to set username and password for Jenkins instance (identified by base URL).
Only cons of this solution is Jenkins user password stored inside JIRA, but this will be not problem if you use special Jenkins user account with read permissions only (not write permissions).
Note that in this case all jira users will see all informations provided for used Jenkins user (no any mapping between JIRA and Jenkins users will be provided by this solution)

@velias velias reopened this Jun 6, 2013
@ghost ghost assigned velias Jun 6, 2013
@peterhendriks
Copy link

+1 for this feature, we have Jenkins secured as well. The basic auth solution would be great!

@bassrock
Copy link

+1

@bassrock
Copy link

I got it working by using this as the base url: http://AUSER:[email protected]

@mpwilks
Copy link

mpwilks commented Aug 29, 2016

Passing the Username and password in the URL doesn't work for SAML enabled Jenkins instances. We need some other solution.

@geerligs
Copy link

geerligs commented Mar 6, 2017

same issue here: adding username/password to URL doesn't fix authentication. Maybe info in http://stackoverflow.com/questions/33508417/jenkins-json-rest-api-with-cors-request-using-jquery might help?

@cYzzie
Copy link

cYzzie commented Feb 11, 2019

i have the same issue, the work around with adding the Password to the url does not work,
hoever if i do it with curl it works fine

i.e. if i do this:

curl -sf -X POST 'https://username:password@{jenkins_url}/{job_url}/api/json?nocache=1549898837'

then i get the correct result,
maybe there is an easy fix to at least support the username/password thing?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

7 participants