[Buildbot-devel] Authentication of http based communication

Charles Lepple clepple at gmail.com
Wed May 5 01:14:35 UTC 2010

On Tue, May 4, 2010 at 2:20 PM, Dustin J. Mitchell <dustin at zmanda.com> wrote:
> On Tue, May 4, 2010 at 1:11 PM, Ben Hearsum <bhearsum at mozilla.com> wrote:
>> I think it is entirely out of scope for Buildbot to perform any sort of
>> authentication. Time spent writing and maintaining authentication and
>> access control for WebStatus is time not spent working on Buildbot's
>> most important job.
> I hate to break it to y'all, but as of 0.8.0, Buildbot *has* a
> reasonable auth/authz framework.  It doesn't use cookies or anything,
> but that could be added fairly easily.

At first glance, this sounds like it would let me do away with my
/public and /private URLs (proxied to two different WebStatus


However, this page says to check for authorization before displaying
an optional feature:


If this is HTTP auth, doesn't that mean that anonymous/unprivileged
users will have to hit cancel on a few authentication dialogs as they
are browsing the status pages? (Assuming some features have been
designated "authentication required".)

- Charles Lepple

More information about the devel mailing list