|
|
|
Issue Type:
|
Bug
|
Assignee:
|
Anthony Roux
|
Components:
|
exclusion, security |
Created:
|
04/Feb/13 10:20 AM
|
Description:
|
I am running:
Jenkins 1.500
CAS plugin 1.1.1 for authentication
Role Strategy Plugin 1.1.2. for authorization
Exclusion plugin 0.8
(these are the latest available at the time of writing)
The only security granted to anonymous users is "overall - read" and "job - read". However, if an anonymous user views Jenkins, the link to the management function "Exclusion Administration" remains visible in the top left hand conent of the Jenkins main page, and can be clicked.
The function should only be available to administrators. I suspect that the Exclusion plugin simply does not check for authorisation.
|
Project:
|
Jenkins
|
Priority:
|
Major
|
Reporter:
|
mwebber
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit
https://groups.google.com/groups/opt_out.