@SuppressWarnings("deprecation") private static RememberMeServices createRememberMeService(UserDetailsService uds) { // create our default TokenBasedRememberMeServices, which depends on the availability of the secret key TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2(); rms.setUserDetailsService(uds); /* TokenBasedRememberMeServices needs to be used in conjunction with RememberMeAuthenticationProvider, and both needs to use the same key (this is a reflection of a poor design in AcgeiSecurity, if you ask me) and various security plugins have its own groovy script that configures them. So if we change this, it creates a painful situation for those plugins by forcing them to choose to work with earlier version of Jenkins or newer version of Jenkins, and not both. So we keep this here. */ rms.setKey(Jenkins.getInstance().getSecretKey()); rms.setParameter("remember_me"); // this is the form field name in login.jelly return rms; } }
private static RememberMeServices createRememberMeService(UserDetailsService uds) { // create our default TokenBasedRememberMeServices, which depends on the availability of the secret key TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2(); rms.setUserDetailsService(uds); rms.setKey(Hudson.getInstance().getSecretKey()); rms.setParameter("remember_me"); // this is the form field name in login.jelly return rms; } }
private static RememberMeServices createRememberMeService(UserDetailsService uds) { // create our default TokenBasedRememberMeServices, which depends on the availability of the secret key TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2(); rms.setUserDetailsService(uds); rms.setKey(Hudson.getInstance().getSecretKey()); rms.setParameter("remember_me"); // this is the form field name in login.jelly return rms; } }
private static RememberMeServices createRememberMeService(UserDetailsService uds) { // create our default TokenBasedRememberMeServices, which depends on the availability of the secret key TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2(); rms.setUserDetailsService(uds); rms.setKey(HudsonSecurityEntitiesHolder.getHudsonSecurityManager().getSecretKey()); rms.setParameter("remember_me"); // this is the form field name in login.jelly return rms; } }
private static RememberMeServices createRememberMeService(UserDetailsService uds) { // create our default TokenBasedRememberMeServices, which depends on the availability of the secret key TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2(); rms.setUserDetailsService(uds); rms.setKey(Hudson.getInstance().getSecretKey()); rms.setParameter("remember_me"); // this is the form field name in login.jelly return rms; } }
public SecurityComponents createSecurityComponents() { BeanBuilder builder = new BeanBuilder(getClass().getClassLoader()); Binding binding = new Binding(); binding.setVariable("realm", this); InputStream i = getClass().getResourceAsStream("ActiveDirectory.groovy"); try { builder.parse(i, binding); } finally { IOUtils.closeQuietly(i); } WebApplicationContext context = builder.createApplicationContext(); //final AbstractActiveDirectoryAuthenticationProvider adp = findBean(AbstractActiveDirectoryAuthenticationProvider.class, context); findBean(AbstractActiveDirectoryAuthenticationProvider.class, context); //Keeping the call because there might be side effects? final UserDetailsService uds = findBean(UserDetailsService.class, context); TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2() { public Authentication autoLogin(HttpServletRequest request, HttpServletResponse response) { try { return super.autoLogin(request, response); } catch (Exception e) {// TODO: this check is made redundant with 1.556, but needed with earlier versions cancelCookie(request, response, "Failed to handle remember-me cookie: "+Functions.printThrowable(e)); return null; } } }; rms.setUserDetailsService(uds); rms.setKey(Jenkins.getActiveInstance().getSecretKey()); rms.setParameter("remember_me"); // this is the form field name in login.jelly return new SecurityComponents( findBean(AuthenticationManager.class, context), uds, rms); }
@SuppressWarnings("deprecation") private static RememberMeServices createRememberMeService(UserDetailsService uds) { // create our default TokenBasedRememberMeServices, which depends on the availability of the secret key TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2(); rms.setUserDetailsService(uds); /* TokenBasedRememberMeServices needs to be used in conjunction with RememberMeAuthenticationProvider, and both needs to use the same key (this is a reflection of a poor design in AcgeiSecurity, if you ask me) and various security plugins have its own groovy script that configures them. So if we change this, it creates a painful situation for those plugins by forcing them to choose to work with earlier version of Jenkins or newer version of Jenkins, and not both. So we keep this here. */ rms.setKey(Jenkins.getInstance().getSecretKey()); rms.setParameter("remember_me"); // this is the form field name in login.jelly return rms; } }