Hi,
Thanks for comments.
I expect Jenkins provides more options for build authorization as Jenkins
now warns users for build authorizations as Rene pointed.
Trigger restrictions look just what I expected to replace
`QueueItemAuthenticator`.
It's only a part of replacements of `QueueItemAuthenticator` (only
Job.BUILD as pointed), and I want to know whether there are other
permissions to support with the alternative of `QueueItemAuthenticator`.
As far as I know:
* Job.Build: replaced with Trigger restrictions.
* Job.Read: CopyArtifactPermissionProperty (applicable only to copyartifact)
Let me know if there are other permissions to support.
Impersonation-plugin and JENKINS-15063 both would be a great step to
resolve issues relating to authentication and authorization.
But I'm afraid they might not resolve all issues. I believe following three
issues exist:
* The configuration should not belong to a specific real user.
* For example, both user A and B in the same division should be able to
configure the job.
* Impersonate-plugin would resolve this issue.
* Jenkins administrators may not be administrators of authentication server
(LDAP, ActiveDirectory so on).
* It means Jenkins administrators may not be able to add users and
groups at their will.
* JENKINS-15063 would allow administrators to add Jenkins-specific
users and groups.
* Authentication mechanism to restrict users to configure build
authorization.
* Actually it's not so easy. Authorize-project costs much to implement
this.
Regards,
Ikedam
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/308b05c7-4c3c-4c1f-b06b-0356a5012c79%40googlegroups.com.
