Comments (4)
Hello,
Could you please let me know which version of Jenkins you are using, and how permissions of the user you are using are granted? (e.g. explicitly or via group/role membership)
Thanks,
Fabien.
from jenkins-cas-plugin.
Hi,
we use the latest stable version of jenkins (jenkins-1.591-1.1.noarch) on a CentOS 6.5. We tested the persmissions giving through the matrix based on both group and role, by enabling all the permissions..
Thanks in advance,
Jan.
from jenkins-cas-plugin.
With the latest Jenkins I was able to authenticate with an API key from a command line while CAS was enabled, so the problem is more likely to be with authorization rather than authentication.
Here are a few things to try:
- With a browser, login to Jenkins with the test user (via CAS) and check that user has the appropriate permissions.
- With a browser, go to the
http://<server>:<port>/whoAmI/api/xml
page and copy/paste the results here. - With a terminal, execute the following command and copy/paste the results here:
wget -nv -S -O - --auth-no-challenge --http-user=<username>--http-password=<API key> http://<server>:<port>/whoAmI/api/xml
Those two XML results may show differences between "granted authorities" given by a web login and an API key login.
One possibility, if you are only granting permissions based on groups, is that these groups were not stored by Jenkins and cannot be queried with API key authentication. As for Jenkins 1.556 and JENKINS-20064, groups are supposed to be stored after a successful web-based login.
Let me know what you find :-)
Fabien.
from jenkins-cas-plugin.
It's solved, I created a specific script user which doesn't exist in CAS. I forgot to add this user in my matrix based security plan.
Once I added this user to the matrix the scripts are working again.
Many thanks to pointing me out the the whoAmI pages!
from jenkins-cas-plugin.
Related Issues (8)
- Compilation fails with latest version of jenkins HOT 3
- Invalid property 'casServerUrlPrefix' of bean class [org.jasig.cas.client.session.SingleSignOutHandler] HOT 3
- CAS Plugin not available any more from the Jenkins Update Center HOT 4
- Upgrading to Jenkins 2.160 breaks CAS logins HOT 9
- Use the same ticket to call finishlogin, log off, and finally error failedLogin page HOT 3
- how to set the ignorePattern parameter? HOT 1
- Recent cas upgrade break the connexion HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jenkins-cas-plugin.