[Buildbot-devel] Restricting access to URLs?
Dustin J. Mitchell
dustin at v.igoro.us
Thu Feb 3 23:22:35 UTC 2011
On Thu, Feb 3, 2011 at 4:14 PM, David Coppit <david at coppit.org> wrote:
> We noticed there is some LDAP support in Buildbot, but it looks like the
> username and password are passed as GET parameters. (?!) We also want to be
> sure that people don't have to enter credentials for every page.
> Alternatively, we were thinking of setting up Apache as a proxy for BB and
> using its LDAP support. With a little caching we can also improve the
> scalability of the Buildbot UI.
Buildbot's authentication support is meagre. I don't think there's
any direct LDAP support included. The web status currently doesn't
use any sort of cookies, so re-authentication is generally required.
Amber's point is correct: most folks put another server in front of
buildbot (nginx or Apache) and filter with that.
That said, adding better support for authentication and authorization
would be a great improvement.
More information about the devel