[Buildbot-devel] Restricting access to URLs?

Dustin J. Mitchell dustin at v.igoro.us
Thu Feb 3 23:22:35 UTC 2011


On Thu, Feb 3, 2011 at 4:14 PM, David Coppit <david at coppit.org> wrote:
> We noticed there is some LDAP support in Buildbot, but it looks like the
> username and password are passed as GET parameters. (?!) We also want to be
> sure that people don't have to enter credentials for every page.
>
> Alternatively, we were thinking of setting up Apache as a proxy for BB and
> using its LDAP support. With a little caching we can also improve the
> scalability of the Buildbot UI.

Buildbot's authentication support is meagre.  I don't think there's
any direct LDAP support included.  The web status currently doesn't
use any sort of cookies, so re-authentication is generally required.

Amber's point is correct: most folks put another server in front of
buildbot (nginx or Apache) and filter with that.

That said, adding better support for authentication and authorization
would be a great improvement.

Dustin




More information about the devel mailing list