Skip to content

[JENKINS-57267] Rebuild's "Remember Password" remembers Non-Stored Password Parameters #157

New issue
New issue
Open
Bug
Open
[JENKINS-57267] Rebuild's "Remember Password" remembers Non-Stored Password Parameters#157
Bug
Labels
component:mask-passwords-plugincomponent:rebuild-pluginimported-jira-issuepriority:minorresolution:unresolved
@jenkins-infra-bot

Description

@jenkins-infra-bot
jenkins-infra-bot
opened on Apr 30, 2019

When Jenkins is configured to remember passwords on a Rebuild, it remembers Non-Stored Password Parameters as well as normal Password Parameters.

According to the description of the configuration option, it should not remember Non-Stored Passwords:

If the remember password option is checked, the rebuild plugin will use the stored password parameter when a rebuild is triggered. If the remember password option is unchecked, the user will be prompted to enter the password every time a rebuild is triggered. This only applies for a parameterized build with parameters of type password.

A simple test shows that this option also remembers Non-Stored Password Parameters.

1. Set up a simple job with a Non-Stored Password Parameter
Example code:

node("master") {
    println(params.PASSWORD)
}

2. Build the job once as User A with parameter "test"
3. See "test" printed to console
4. Rebuild the first build
5. See "test" printed to console
6. Switch to User B
7. Rebuild the build
8. See "test" printed to console

The Non-Stored Password should not persist across Rebuilds. This issue is marked as "Minor" because the workaround is to disable the top-level configuration to Remember Passwords.

Originally reported by mksmith, imported from: Rebuild's "Remember Password" remembers Non-Stored Password Parameters
  • assignee: ragesh_nair
  • status: Open
  • priority: Minor
  • component(s): mask-passwords-plugin, rebuild-plugin
  • label(s): mask-passwords, rebuild
  • resolution: Unresolved
  • votes: 0
  • watchers: 1
  • imported: 20251216-225446
Raw content of original issue 
When Jenkins is configured to remember passwords on a Rebuild, it remembers Non-Stored Password Parameters as well as normal Password Parameters. 



According to the description of the configuration option, it should not remember Non-Stored Passwords:


If the remember password option is checked, the rebuild plugin will use the stored password parameter when a rebuild is triggered. If the remember password option is unchecked, the user will be prompted to enter the password every time a rebuild is triggered. This only applies for a parameterized build with parameters of type password.



  



A simple test shows that this option also remembers Non-Stored Password Parameters.



1. Set up a simple job with a Non-Stored Password Parameter
Example code:




node("master") {
    println(params.PASSWORD)
}




2. Build the job once as User A with parameter "test"
3. See "test" printed to console
4. Rebuild the first build
5. See "test" printed to console
6. Switch to User B
7. Rebuild the build
8. See "test" printed to console


The Non-Stored Password should not persist across Rebuilds. This issue is marked as "Minor" because the workaround is to disable the top-level configuration to Remember Passwords.
environment 
Jenkins 2.164.1<br/>
Rebuild Plugin 1.29<br/>
Mask Passwords Plugin 2.12.0
1 attachment

Metadata

Metadata

Assignees

No one assigned

    Labels

    component:mask-passwords-plugincomponent:rebuild-pluginimported-jira-issuepriority:minorresolution:unresolved

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions