[JENKINS-11643 JENKINS-9258]

Revisiting the defensive check needed for JENKINS-11643 in light of making remember me service works (JENKINS-9258) I've made changes in the core so that the TokenBasedRememberMeService2.autoLogin consults the LastGrantedAuthoritiesProperty of the User object in Jenkins 1.556. So when used with newer version of Jenkins, I can making remember me work with AD. This fix makes AD plugin behave gracefully with earlier versions, while still allowing me to leverage new additions in 1.556.
jenkinsci · Mar 11, 2014 · 4f65a3f · 4f65a3f
1 parent ead4559
commit 4f65a3f
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java b/src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java
@@ -135,11 +135,12 @@ public SecurityComponents createSecurityComponents() {
 
         TokenBasedRememberMeServices2 rms = new TokenBasedRememberMeServices2() {
             public Authentication autoLogin(HttpServletRequest request, HttpServletResponse response) {
-                // no supporting auto-login unless we can do retrieveUser. See JENKINS-11643.
-                if (adp.canRetrieveUserByName())
+                try {
                     return super.autoLogin(request, response);
-                else
+                } catch (Exception e) {// TODO: this check is made redundant with 1.556, but needed with earlier versions
+                    cancelCookie(request, response, "Failed to handle remember-me cookie: "+Functions.printThrowable(e));
                     return null;
+                }
             }
         };
         rms.setUserDetailsService(uds);