-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
CentOS 5, jre 1.6.0_27
When I try to make jenkins talk to ldap, I cannot log in. Authentication seeminly succeeds (no errors in console, not redirected to 'login failure' page) but I do get redirected back to the login page, which to me indicates an authorization problem. tcpdump on the ldap server also seems to indicate succesful bind.
ldap server is openldap, accounts are PosixAccont entries. Here's the relevant config snippet in config.xml:
<useSecurity>true</useSecurity> <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy"> <permission>hudson.model.Computer.Configure:dkaarsemaker</permission> <permission>hudson.model.Computer.Create:dkaarsemaker</permission> <permission>hudson.model.Computer.Delete:dkaarsemaker</permission> <permission>hudson.model.Hudson.Administer:dkaarsemaker</permission> <permission>hudson.model.Hudson.Read:dkaarsemaker</permission> <permission>hudson.model.Hudson.RunScripts:dkaarsemaker</permission> <permission>hudson.model.Item.Build:dkaarsemaker</permission> <permission>hudson.model.Item.Configure:dkaarsemaker</permission> <permission>hudson.model.Item.Create:dkaarsemaker</permission> <permission>hudson.model.Item.Delete:dkaarsemaker</permission> <permission>hudson.model.Item.Read:dkaarsemaker</permission> <permission>hudson.model.Item.Workspace:dkaarsemaker</permission> <permission>hudson.model.View.Configure:dkaarsemaker</permission> <permission>hudson.model.View.Create:dkaarsemaker</permission> <permission>hudson.model.View.Delete:dkaarsemaker</permission> </authorizationStrategy> <securityRealm class="hudson.security.LDAPSecurityRealm"> <server>ldap://ldap.internal.kaarsemaker.net</server> <rootDN>dc=external,dc=kaarsemaker,dc=net</rootDN> <inhibitInferRootDN>false</inhibitInferRootDN> <userSearchBase>ou=People</userSearchBase> <userSearch>uid={0}</userSearch> <groupSearchBase>ou=Group</groupSearchBase> </securityRealm>
In order to set proper expectation, I have unassigned Kohsuke from this tickets.
Currently there is no Default assignee in the LDAP plugin, any contributions will be appreciated.