diff --git a/changelog.html b/changelog.html
index 6cf4643eb761..baecec0ce380 100644
--- a/changelog.html
+++ b/changelog.html
@@ -65,6 +65,9 @@
Default e-mail suffix should be used to complete the domain name portion of the recipients list.
(pull #324)
+
+ Closure execution after CLI.upgrade() should carry over the transport credential.
+ issue 10890
Incorrect path delimiter used in ZipArchiver when creating archive on Windows.
issue 9942
diff --git a/core/src/main/java/hudson/cli/CliManagerImpl.java b/core/src/main/java/hudson/cli/CliManagerImpl.java
index 7a479a2ed29d..7ff5247e854c 100644
--- a/core/src/main/java/hudson/cli/CliManagerImpl.java
+++ b/core/src/main/java/hudson/cli/CliManagerImpl.java
@@ -23,8 +23,12 @@
*/
package hudson.cli;
+import hudson.remoting.CallableFilter;
import hudson.remoting.Channel;
import hudson.remoting.Pipe;
+import org.acegisecurity.Authentication;
+import org.acegisecurity.context.SecurityContext;
+import org.acegisecurity.context.SecurityContextHolder;
import java.io.InputStream;
import java.io.OutputStream;
@@ -33,6 +37,7 @@
import java.util.Collections;
import java.util.List;
import java.util.Locale;
+import java.util.concurrent.Callable;
import java.util.logging.Logger;
/**
@@ -42,9 +47,29 @@
*/
public class CliManagerImpl implements CliEntryPoint, Serializable {
private transient final Channel channel;
+
+ private Authentication transportAuth;
+
+ /**
+ * Runs callable from this CLI client with the transport authentication credential.
+ */
+ private final CallableFilter authenticationFilter = new CallableFilter() {
+ public V call(Callable callable) throws Exception {
+ SecurityContext context = SecurityContextHolder.getContext();
+ Authentication old = context.getAuthentication();
+ if (transportAuth!=null)
+ context.setAuthentication(transportAuth);
+ try {
+ return callable.call();
+ } finally {
+ context.setAuthentication(old);
+ }
+ }
+ };
public CliManagerImpl(Channel channel) {
this.channel = channel;
+ channel.addLocalExecutionInterceptor(authenticationFilter);
}
public int main(List args, Locale locale, InputStream stdin, OutputStream stdout, OutputStream stderr) {
@@ -62,7 +87,8 @@ public int main(List args, Locale locale, InputStream stdin, OutputStrea
cmd.channel = Channel.current();
final CLICommand old = CLICommand.setCurrent(cmd);
try {
- cmd.setTransportAuth(Channel.current().getProperty(CLICommand.TRANSPORT_AUTHENTICATION));
+ transportAuth = Channel.current().getProperty(CLICommand.TRANSPORT_AUTHENTICATION);
+ cmd.setTransportAuth(transportAuth);
return cmd.main(args.subList(1,args.size()),locale, stdin, out, err);
} finally {
CLICommand.setCurrent(old);
diff --git a/pom.xml b/pom.xml
index 8576703bd533..1af6a0ee3965 100644
--- a/pom.xml
+++ b/pom.xml
@@ -188,7 +188,7 @@ THE SOFTWARE.
org.jenkins-ci.main
remoting
- 2.11
+ 2.12