开发者

Is it possible to disable "People" view in Hudson?

I would like t开发者_如何转开发o disable page "People" in Hudson. I don't want users to see other users. Is it possible to do?


I don't know if you can do it directly with Hudson, but you certainly be able to do it if you run Hudson within a Tomcat instance (I run mine in a Tomcat 7 without any problem).

You would define a JSP security-constraint, a bit like those ones (note: adapted for LDAP because I defer all user authentication to the webapp container of Hudson: in my case, Tomcat)


The OP asks:

You're suggesting to make changes to hudson/WEB-INF/web.xml? Could you please explicitly mention the file I have to change?

@Vincenzo: I don't! I never touch one bit of the hudson.jar. I only use it within a Tomcat instance, meaning:

  • I declare in <tomcat>/conf/Catalina/localhost a context for each Hudson I want to manage:
  hudson-xxx -> /home/me/context/hudson-xxx.xml

(it is a link because I want to upgrade Tomcat easily, so I externalize the context definition outside of Tomcat). I define my Realm for ACL purposes:

<?xml version='1.0' encoding='utf-8'?>
<Context docBase="/home/me/hudson/hudson.war" path="/hudson-xxx">
  <Realm className="org.apache.catalina.real.CombinedRealm" >
    <Realm className="org.apache.catalina.real.JNDIRealm" debug="99"
           connectionURL="ldap://xxxxx:389"
           alternateURL="ldap://xxxxx:389"
           connexionName="yyyy"
           connectionPassword="zzzz"
           userPattern="CN={0},OU=...,DC=..."
           userRoleName="memberOf"
           useSubtree="false"
           roleBase="OU=...,DC=..."
           roleName="cn"
           roleSearch="(member={0})"
           roleSubtree="false"
    />
  </Realm>
  <Environment name="HUDSON_XXX" value="/home/me/hudson/hudson-xxx-home" type="java.lang.String" override="false" />
</Context>

(With that context, a hudson.war stored outside of Tomcat is automatically deployed with the </tomcat>/webapps directory, and access from http://tomcat-server/hudson-xxx, with an LDAP-based authentication)

  • I suggests modifying the </tomcat>/conf/web.xml to add security-constraint which would prevent anybody to access the user page while letting only certain tomcat users (as defined in /conf/tomcat-users.xml.
    (I haven't tested it yet)
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜