• Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • ldap-plugin
    • None
    • CentOS 5, jre 1.6.0_27

      When I try to make jenkins talk to ldap, I cannot log in. Authentication seeminly succeeds (no errors in console, not redirected to 'login failure' page) but I do get redirected back to the login page, which to me indicates an authorization problem. tcpdump on the ldap server also seems to indicate succesful bind.

      ldap server is openldap, accounts are PosixAccont entries. Here's the relevant config snippet in config.xml:

        <useSecurity>true</useSecurity>
        <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
          <permission>hudson.model.Computer.Configure:dkaarsemaker</permission>
          <permission>hudson.model.Computer.Create:dkaarsemaker</permission>
          <permission>hudson.model.Computer.Delete:dkaarsemaker</permission>
          <permission>hudson.model.Hudson.Administer:dkaarsemaker</permission>
          <permission>hudson.model.Hudson.Read:dkaarsemaker</permission>
          <permission>hudson.model.Hudson.RunScripts:dkaarsemaker</permission>
          <permission>hudson.model.Item.Build:dkaarsemaker</permission>
          <permission>hudson.model.Item.Configure:dkaarsemaker</permission>
          <permission>hudson.model.Item.Create:dkaarsemaker</permission>
          <permission>hudson.model.Item.Delete:dkaarsemaker</permission>
          <permission>hudson.model.Item.Read:dkaarsemaker</permission>
          <permission>hudson.model.Item.Workspace:dkaarsemaker</permission>
          <permission>hudson.model.View.Configure:dkaarsemaker</permission>
          <permission>hudson.model.View.Create:dkaarsemaker</permission>
          <permission>hudson.model.View.Delete:dkaarsemaker</permission>
        </authorizationStrategy>
        <securityRealm class="hudson.security.LDAPSecurityRealm">
          <server>ldap://ldap.internal.kaarsemaker.net</server>
          <rootDN>dc=external,dc=kaarsemaker,dc=net</rootDN>
          <inhibitInferRootDN>false</inhibitInferRootDN>
          <userSearchBase>ou=People</userSearchBase>
          <userSearch>uid={0}</userSearch>
          <groupSearchBase>ou=Group</groupSearchBase>
        </securityRealm>
      

          [JENKINS-11182] LDAP authorization fails silently

          Oleg Nenashev added a comment -

          In order to set proper expectation, I have unassigned Kohsuke from this tickets.
          Currently there is no Default assignee in the LDAP plugin, any contributions will be appreciated.

          Oleg Nenashev added a comment - In order to set proper expectation, I have unassigned Kohsuke from this tickets. Currently there is no Default assignee in the LDAP plugin, any contributions will be appreciated.

            Unassigned Unassigned
            seveas Dennis Kaarsemaker
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: