AbstractPasswordBasedSecurityRealm.authenticateByPassword
#8921
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
CloudBees CI includes a single sign-on system from a controller to an “operations center”. For the most part this just involves the usual SSO redirect dance. However there is also an implementation of
createSecurityComponents
allowing password authentication in case someone wants to use the REST or CLI with a password rather than an API token. While this is generally a bad idea, it would be supported without SSO so we needed some way to check the password on the operations center side. Due to theprotected
access here that was not possible without an extra API.Testing done
Covered by a functional test in CloudBees CI. Not much to test here.
Proposed changelog entries
Before the changes are marked as
ready-for-merge
:Maintainer checklist
upgrade-guide-needed
label is set and there is a Proposed upgrade guidelines section in the pull request title (see example).lts-candidate
to be considered (see query).