Is it possible to disable "People" view in Hudson?_问答_开发者

Is it possible to disable "People" view in Hudson?

开发者 https://www.devze.com 2023-01-29 11:33 出处：网络

I would like t开发者_如何转开发o disable page \"People\" in Hudson. I don\'t want users to see other users. Is it possible to do?I don\'t know if you can do it directly with Hudson, but you certainly

相关专题：hudson

I would like t开发者_如何转开发o disable page "People" in Hudson. I don't want users to see other users. Is it possible to do?

I don't know if you can do it directly with Hudson, but you certainly be able to do it if you run Hudson within a Tomcat instance (I run mine in a Tomcat 7 without any problem).

You would define a JSP security-constraint, a bit like those ones (note: adapted for LDAP because I defer all user authentication to the webapp container of Hudson: in my case, Tomcat)

The OP asks:

You're suggesting to make changes to hudson/WEB-INF/web.xml? Could you please explicitly mention the file I have to change?

@Vincenzo: I don't! I never touch one bit of the hudson.jar. I only use it within a Tomcat instance, meaning:

I declare in <tomcat>/conf/Catalina/localhost a context for each Hudson I want to manage:

  hudson-xxx -> /home/me/context/hudson-xxx.xml

(it is a link because I want to upgrade Tomcat easily, so I externalize the context definition outside of Tomcat). I define my Realm for ACL purposes:

<?xml version='1.0' encoding='utf-8'?>
<Context docBase="/home/me/hudson/hudson.war" path="/hudson-xxx">
  <Realm className="org.apache.catalina.real.CombinedRealm" >
    <Realm className="org.apache.catalina.real.JNDIRealm" debug="99"
           connectionURL="ldap://xxxxx:389"
           alternateURL="ldap://xxxxx:389"
           connexionName="yyyy"
           connectionPassword="zzzz"
           userPattern="CN={0},OU=...,DC=..."
           userRoleName="memberOf"
           useSubtree="false"
           roleBase="OU=...,DC=..."
           roleName="cn"
           roleSearch="(member={0})"
           roleSubtree="false"
    />
  </Realm>
  <Environment name="HUDSON_XXX" value="/home/me/hudson/hudson-xxx-home" type="java.lang.String" override="false" />
</Context>

(With that context, a hudson.war stored outside of Tomcat is automatically deployed with the </tomcat>/webapps directory, and access from http://tomcat-server/hudson-xxx, with an LDAP-based authentication)

I suggests modifying the </tomcat>/conf/web.xml to add security-constraint which would prevent anybody to access the user page while letting only certain tomcat users (as defined in /conf/tomcat-users.xml.
(I haven't tested it yet)