Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Critical
Component/s: _unsorted
Labels:
None
Environment:

Hide
Mac OSX: 10.6.8 Desktop
Java version: 1.6.0_29
Access Control
* Security Realm: LDAP
* Authorization: Project-based Matrix Authorization Strategy
Jenkins: 1.448
Apache
* Server version: Apache/2.2.17 (Unix)
* Server built: Dec 1 2010 09:58:15

Show
Mac OSX: 10.6.8 Desktop Java version: 1.6.0_29 Access Control * Security Realm: LDAP * Authorization: Project-based Matrix Authorization Strategy Jenkins: 1.448 Apache * Server version: Apache/2.2.17 (Unix) * Server built: Dec 1 2010 09:58:15

Running Jenkins behind Apache: mod_proxy with HTTPS
https://wiki.jenkins-ci.org/display/JENKINS/Running+Jenkins+behind+Apache
So our setup is
Open Directory group
jenkins-admin - Jenkins Admins all
dev-group-a - Developers can view kick off builds

Project-based Matrix Authorization Strategy
Admin all checked
dev-group-a checked: Overall:Read Job:Read,Build Run:Update
dev-group-b checked: Overall:Read Job:Read

issue is I'm an admin and random developer will login and see that there user id is mine and can admin jenkins.

there has been reported cases that developer A will login and actually be reported by jenkins as Developer B
were they can no longer trigger CI builds

My biggest concern is when users login and are reporting as admins and have full access to jenkins.

Assignee:: Kohsuke Kawaguchi
Reporter:: guillermo c
Votes:: 10 Vote for this issue
Watchers:: 4 Start watching this issue

Created:: 2012-01-30 19:24
Updated:: 2017-04-15 23:15
Resolved:: 2012-05-04 00:58

Details

Description

Attachments

Activity

People

Dates