pwauth

Skip to end of metadata
Go to start of metadata

Plugin Information

Plugin ID pwauth Changes In Latest Release
Since Latest Release
Latest Release
Latest Release Date
Required Core
Dependencies
0.4
Dec 21, 2010
1.389
Source Code
Issue Tracking
Maintainer(s)
Subversion
Open Issues
Ravi Gairola (id: mallox)
Usage Installations 2013-Apr 270
2013-May 277
2013-Jun 277
2013-Jul 293
2013-Aug 297
2013-Sep 286
2013-Oct 308
2013-Nov 318
2013-Dec 306
2014-Jan 311
2014-Feb 319
2014-Mar 337

About

This plug-in adds authentication via pwauth and supports both *nix system users and groups through PAM.
If you're running Jenkins on a Linux system, chances are that your systems already include a centralized user management that is based on PAM, especially in larger organizations. PAM itself is a very versatile system for user authentication and offers many different modules to authenticate against, like for examle Samba, LDAP, MySQL, and many more (see more at kernel.org). The problem with many solutions working with PAM is that they still need access to super user rights to actually use the authentication system. This is where PWauth comes into play.

PWauth is a system usually used in connection with authnz_external, an Apache2-module, but which can be used by any system wanting to authenticate against PAM, without needing super user rights. This way the user running the Jenkins instance can authenticate against any PAM system, without needing special rights, and this leaving security intact.

This plug in uses PWauth to authenticate against whatever PAM configuration you may have set up and supports users and groups in Jenkins. Additionally the plug in allows you to define a white list of IPs that can access the system without needing to authenticate. This is useful when using a post-commit triggers for example, that tries to start a build via a URL, that would usually need authentication.

Changelog

Version 0.5 (planned)

  • Allow host names in white list
  • Internationalization of all messages
  • Fix broken "Remember me"
  • Make plugin only available under *nix systems

Version 0.4 (2010-12-21)

  • Allow authentication via GET/POST parameters (http://hudson.url?username=<username>&password=<password>)
  • Fixed potential security flaw in Filter

Version 0.3 (2010-12-20)

  • Botched release due to problems with migration to new java.net svn repository

Version 0.2 (2010-11-05)

  • Official release to public

 Version 0.1

  • First implementation

How to setup PWauth

TBD.

Until then check the tutorial for authnz_external or the projects tutorial on getting things set up.

To use the authentication via Request, you have to send the credentials as either POST or GET parameters. Currently accepted parameters are "user", "username", "login" and "pass", "password", "passwd", "key". Any combination of these should be able to let you authenticate any request to the server.

Example:
http://my.hudson.url/job/My_Project/build?delay=0sec&user=myUser&pass=myPass

Labels

Edit
plugin-user plugin-user Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.