Skip to content
Permalink
Browse files

Merge pull request #2900 from ksenia-nenasheva/JENKINS-4478

[JENKINS-4478] - Move TCP port out from under security
  • Loading branch information...
daniel-beck committed Jun 3, 2017
2 parents a76a267 + ca5f212 commit 2228b3936e3fdf6130d65324ac7278cad84edb95
@@ -115,26 +115,7 @@ public boolean configure(StaplerRequest req, JSONObject json) throws hudson.mode
JSONObject security = json.getJSONObject("useSecurity");
j.setDisableRememberMe(security.optBoolean("disableRememberMe", false));
j.setSecurityRealm(SecurityRealm.all().newInstanceFromRadioList(security, "realm"));
j.setAuthorizationStrategy(AuthorizationStrategy.all().newInstanceFromRadioList(security, "authorization"));
if (!isSlaveAgentPortEnforced()) {
try {
j.setSlaveAgentPort(new ServerTcpPort(security.getJSONObject("slaveAgentPort")).getPort());
} catch (IOException e) {
throw new hudson.model.Descriptor.FormException(e, "slaveAgentPortType");
}
}
Set<String> agentProtocols = new TreeSet<>();
if (security.has("agentProtocol")) {
Object protocols = security.get("agentProtocol");
if (protocols instanceof JSONArray) {
for (int i = 0; i < ((JSONArray) protocols).size(); i++) {
agentProtocols.add(((JSONArray) protocols).getString(i));
}
} else {
agentProtocols.add(protocols.toString());
}
}
j.setAgentProtocols(agentProtocols);
j.setAuthorizationStrategy(AuthorizationStrategy.all().newInstanceFromRadioList(security, "authorization"));
} else {
j.disableSecurity();
}
@@ -144,6 +125,27 @@ public boolean configure(StaplerRequest req, JSONObject json) throws hudson.mode
} else {
j.setMarkupFormatter(null);
}

// Agent settings
if (!isSlaveAgentPortEnforced()) {
try {
j.setSlaveAgentPort(new ServerTcpPort(json.getJSONObject("slaveAgentPort")).getPort());
} catch (IOException e) {
throw new hudson.model.Descriptor.FormException(e, "slaveAgentPortType");
}
}
Set<String> agentProtocols = new TreeSet<>();
if (json.has("agentProtocol")) {
Object protocols = json.get("agentProtocol");
if (protocols instanceof JSONArray) {
for (int i = 0; i < ((JSONArray) protocols).size(); i++) {
agentProtocols.add(((JSONArray) protocols).getString(i));
}
} else {
agentProtocols.add(protocols.toString());
}
}
j.setAgentProtocols(agentProtocols);

// persist all the additional security configs
boolean result = true;
@@ -26,6 +26,23 @@ l.layout(norefresh:true, permission:app.ADMINISTER, title:my.displayName, csscla
set("descriptor", my.descriptor);

f.optionalBlock( field:"useSecurity", title:_("Enable security"), checked:app.useSecurity) {
f.entry (title:_("Disable remember me"), field: "disableRememberMe") {
f.checkbox()
}

f.entry(title:_("Access Control")) {
table(style:"width:100%") {
f.descriptorRadioList(title:_("Security Realm"),varName:"realm", instance:app.securityRealm, descriptors:SecurityRealm.all())
f.descriptorRadioList(title:_("Authorization"), varName:"authorization", instance:app.authorizationStrategy, descriptors:AuthorizationStrategy.all())
}
}
}

f.section(title: _("Markup Formatter")) {
f.dropdownDescriptorSelector(title:_("Markup Formatter"),descriptors: MarkupFormatterDescriptor.all(), field: 'markupFormatter')
}

f.section(title: _("Agents")) {
f.entry(title: _("TCP port for JNLP agents"), field: "slaveAgentPort") {
if (my.slaveAgentPortEnforced) {
if (my.slaveAgentPort == -1) {
@@ -63,21 +80,8 @@ l.layout(norefresh:true, permission:app.ADMINISTER, title:my.displayName, csscla
}
}
}

f.entry (title:_("Disable remember me"), field: "disableRememberMe") {
f.checkbox()
}

f.entry(title:_("Access Control")) {
table(style:"width:100%") {
f.descriptorRadioList(title:_("Security Realm"),varName:"realm", instance:app.securityRealm, descriptors:SecurityRealm.all())
f.descriptorRadioList(title:_("Authorization"), varName:"authorization", instance:app.authorizationStrategy, descriptors:AuthorizationStrategy.all())
}
}
}

f.dropdownDescriptorSelector(title:_("Markup Formatter"),descriptors: MarkupFormatterDescriptor.all(), field: 'markupFormatter')

Functions.getSortedDescriptorsForGlobalConfig(my.FILTER).each { Descriptor descriptor ->
set("descriptor",descriptor)
set("instance",descriptor)
@@ -6,10 +6,12 @@ def f=namespace(lib.FormTagLib)
def all = CrumbIssuer.all()

if (!all.isEmpty()) {
f.optionalBlock(field:"csrf", title:_("Prevent Cross Site Request Forgery exploits"), checked: app.useCrumbs ) {
f.entry(title:_("Crumbs")) {
table(style:"width:100%") {
f.descriptorRadioList(title:_("Crumb Algorithm"), varName:"issuer", instance:app.crumbIssuer, descriptors:all)
f.section(title: _("CSRF Protection")) {
f.optionalBlock(field:"csrf", title:_("Prevent Cross Site Request Forgery exploits"), checked: app.useCrumbs ) {
f.entry(title:_("Crumbs")) {
table(style:"width:100%") {
f.descriptorRadioList(title:_("Crumb Algorithm"), varName:"issuer", instance:app.crumbIssuer, descriptors:all)
}
}
}
}

0 comments on commit 2228b39

Please sign in to comment.
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.