Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

/jnlpJars/agent.jar can no longer be accessed anonymously #185

Open
fhickman opened this issue Sep 20, 2023 · 0 comments
Open

/jnlpJars/agent.jar can no longer be accessed anonymously #185

fhickman opened this issue Sep 20, 2023 · 0 comments
Labels
bug

Comments

@fhickman
Copy link

Jenkins and plugins versions report

Environment 
Jenkins: 2.414.2
OS: Linux - 5.10.186-179.751.amzn2.x86_64
Java: 11.0.20.1 - Eclipse Adoptium (OpenJDK 64-Bit Server VM)
---
ace-editor:1.1
amazon-ecs:1.48
ant:497.v94e7d9fffa_b_9
antisamy-markup-formatter:162.v0e6ec0fcfcf6
anything-goes-formatter:19.v3e2b_1b_3e0ee5
apache-httpcomponents-client-4-api:4.5.14-208.v438351942757
apache-httpcomponents-client-5-api:5.2.1-1.0
artifact-diff-plugin:1.3
authentication-tokens:1.53.v1c90fd9191a_b_
aws-credentials:218.v1b_e9466ec5da_
aws-java-sdk:1.12.529-406.vdeff15e5817d
aws-java-sdk-cloudformation:1.12.529-406.vdeff15e5817d
aws-java-sdk-codebuild:1.12.529-406.vdeff15e5817d
aws-java-sdk-ec2:1.12.529-406.vdeff15e5817d
aws-java-sdk-ecr:1.12.529-406.vdeff15e5817d
aws-java-sdk-ecs:1.12.529-406.vdeff15e5817d
aws-java-sdk-efs:1.12.529-406.vdeff15e5817d
aws-java-sdk-elasticbeanstalk:1.12.529-406.vdeff15e5817d
aws-java-sdk-iam:1.12.529-406.vdeff15e5817d
aws-java-sdk-kinesis:1.12.529-406.vdeff15e5817d
aws-java-sdk-logs:1.12.529-406.vdeff15e5817d
aws-java-sdk-minimal:1.12.529-406.vdeff15e5817d
aws-java-sdk-secretsmanager:1.12.529-406.vdeff15e5817d
aws-java-sdk-sns:1.12.529-406.vdeff15e5817d
aws-java-sdk-sqs:1.12.529-406.vdeff15e5817d
aws-java-sdk-ssm:1.12.529-406.vdeff15e5817d
bootstrap4-api:4.6.0-6
bootstrap5-api:5.3.2-1
bouncycastle-api:2.29
branch-api:2.1128.v717130d4f816
build-environment:1.7
build-name-setter:2.3.0
build-user-vars-plugin:1.9
caffeine-api:3.1.8-133.v17b_1ff2e0599
checks-api:2.0.2
cloud-stats:320.v96b_65297a_4b_b_
cloudbees-folder:6.848.ve3b_fd7839a_81
cobertura:1.17
code-coverage-api:4.7.0
command-launcher:107.v773860566e2e
commons-lang3-api:3.13.0-62.v7d18e55f51e2
commons-text-api:1.10.0-78.v3e7b_ea_d5a_fe1
conditional-buildstep:1.4.3
config-file-provider:959.vcff671a_4518b_
configuration-as-code:1700.v6f448841296e
copy-project-link:106.veb_028794a_844
copyartifact:722.v0662a_9b_e22a_c
credentials:1271.v54b_1c2c6388a_
credentials-binding:636.v55f1275c7b_27
cucumber-reports:5.7.6
dashboard-view:2.495.v07e81500c3f2
data-tables-api:1.13.6-4
description-setter:1.9
display-url-api:2.3.9
docker-commons:439.va_3cb_0a_6a_fb_29
docker-java-api:3.3.1-79.v20b_53427e041
docker-plugin:1.5
docker-workflow:572.v950f58993843
durable-task:523.va_a_22cf15d5e0
ec2-fleet:3.0.0
echarts-api:5.4.0-6
envinject:2.908.v66a_774b_31d93
envinject-api:1.199.v3ce31253ed13
extensible-choice-parameter:1.8.1
external-monitor-job:215.v2e88e894db_f8
file-parameters:316.va_83a_1221db_a_7
flexible-publish:0.16.1
font-awesome-api:6.4.2-1
forensics-api:2.3.0
git:5.2.0
git-client:4.5.0
git-parameter:0.9.19
gitlab-plugin:1.7.16
google-oauth-plugin:1.0.11
handlebars:3.0.8
hsts-filter-plugin:10.v6e229055329a
htmlpublisher:1.32
instance-identity:173.va_37c494ec4e5
ionicons-api:56.v1b_1c8c49374e
ivy:2.5
jackson2-api:2.15.2-350.v0c2f3f8fc595
jakarta-activation-api:2.0.1-3
jakarta-mail-api:2.0.1-3
javadoc:243.vb_b_503b_b_45537
javax-activation-api:1.2.0-6
javax-mail-api:1.6.2-9
jaxb:2.3.8-1
jdk-tool:73.vddf737284550
jersey2-api:2.40-1
jnr-posix-api:3.1.17-1
job-dsl:1.85
jquery:1.12.4-1
jquery-detached:1.2.1
jquery3-api:3.7.1-1
jsch:0.2.8-65.v052c39de79b_2
junit:1240.vf9529b_881428
kubernetes:4029.v5712230ccb_f8
kubernetes-client-api:6.8.1-224.vd388fca_4db_3b_
kubernetes-credentials:0.11
lockable-resources:1185.v0c528656ce04
log-parser:2.3.0
mailer:463.vedf8358e006b_
mapdb-api:1.0.9-28.vf251ce40855d
matrix-auth:3.2.1
matrix-project:808.v5a_b_5f56d6966
maven-plugin:3.23
metrics:4.2.18-442.v02e107157925
mina-sshd-api-common:2.10.0-69.v28e3e36d18eb_
mina-sshd-api-core:2.10.0-69.v28e3e36d18eb_
momentjs:1.1.1
multi-branch-project-plugin:0.7
multiple-scms:0.8
next-build-number:1.8
node-iterator-api:49.v58a_8b_35f8363
nodelabelparameter:1.12.0
nunit:394.v65c09a_8408b_a_
oauth-credentials:0.645.ve666a_c332668
oic-auth:2.6
okhttp-api:4.11.0-157.v6852a_a_fa_ec11
pam-auth:1.10
parameterized-trigger:2.46
performance:928.vdea_0dca_55446
pipeline-build-step:505.v5f0844d8d126
pipeline-graph-analysis:202.va_d268e64deb_3
pipeline-groovy-lib:689.veec561a_dee13
pipeline-input-step:477.v339683a_8d55e
pipeline-milestone-step:111.v449306f708b_7
pipeline-model-api:2.2144.v077a_d1928a_40
pipeline-model-definition:2.2144.v077a_d1928a_40
pipeline-model-extensions:2.2144.v077a_d1928a_40
pipeline-multibranch-defaults:2.1
pipeline-rest-api:2.33
pipeline-stage-step:305.ve96d0205c1c6
pipeline-stage-tags-metadata:2.2144.v077a_d1928a_40
pipeline-stage-view:2.33
pipeline-utility-steps:2.16.0
plain-credentials:143.v1b_df8b_d3b_e48
plugin-util-api:3.3.0
popper-api:1.16.1-3
popper2-api:2.11.6-2
postbuildscript:3.2.0-550.v88192b_d3e922
prism-api:1.29.0-8
promoted-builds:892.vd6219fc0a_efb
publish-over:0.22
publish-over-ssh:1.25
pyenv-pipeline:2.1.2
rebuild:320.v5a_0933a_e7d61
resource-disposer:0.23
run-condition:1.7
run-selector:1.1.1
s3:0.12.3445.vda_704535b_5a_d
saml:4.429.v9a_781a_61f1da_
scm-api:676.v886669a_199a_a_
script-security:1275.v23895f409fb_d
slack:684.v833089650554
snakeyaml-api:2.2-111.vc6598e30cc65
ssh-credentials:308.ve4497b_ccd8f4
ssh-slaves:2.916.vd17b_43357ce4
sshd:3.312.v1c601b_c83b_0e
structs:325.vcb_307d2a_2782
subversion:2.17.3
sumologic-publisher:2.2.4
tap:2.3
text-finder:1.26
thinBackup:1.18
timestamper:1.26
token-macro:384.vf35b_f26814ec
trilead-api:2.84.v72119de229b_7
unity3d-plugin:1.3
variant:60.v7290fc0eb_b_cd
windows-slaves:1.8.1
workflow-aggregator:596.v8c21c963d92d
workflow-api:1281.vca_5fddb_3fceb_
workflow-basic-steps:1042.ve7b_140c4a_e0c
workflow-cps:3791.va_c0338ea_b_59c
workflow-durable-task-step:1289.v4d3e7b_01546b_
workflow-job:1346.v180a_63f40267
workflow-multibranch:756.v891d88f2cd46
workflow-scm-step:415.v434365564324
workflow-step-api:639.v6eca_cd8c04a_a_
workflow-support:865.v43e78cc44e0d

What Operating System are you using (both controller, and any agents involved in the problem)?

Docker image:
FROM --platform=linux/amd64 jenkins/jenkins:2.414.2-lts-jdk11

Reproduction steps

  1. Attempt to access the Jenkins URL /jnlpJars/agent.jar without authentication (ex. from an Incognito window in Chrome)

Expected Results

agent.jar should download without authentication (so it can be used to bootstrap remote agents).

Relevant Jenkins documentation on Jenkins Permissions: https://www.jenkins.io/doc/book/security/access-control/permissions/#access-granted-without-overallread

Actual Results

User is redirected to Google OAuth authentication flow

Anything else?

Apologies in advance, but I cannot tell if this issue resides with the plugin or with the Jenkins core.
@fhickman fhickman added the bug label Sep 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@fhickman