we recently moved from LDAP to Crowd authentication via Crowd2 plugin.

we are experiencing an issue with a internal custom plugin which check users permissions before executing.

we retrieve build user via

Cause.UserIdCause mycause = (Cause.UserIdCause)build.getCause(Cause.UserIdCause.class);
variables.put("BUILD_USERID", mycause.getUserId());
variables.put("BUILD_USERNAME", mycause.getUserName());

Both variables seems to return the same value, which is

Name Surname (name.surname)

while we expect at least one of the two to be simply

name.surname

so that it could be passed to

UserDetails ud = Jenkins.getInstance().getSecurityRealm().loadUserByUsername(build_user);

With current values, the method is failing since the id is not correctly recognized and Crowd group membership not correctly resolved causing the error:

ERROR: Processing failed due to a bug in the code. Please report this to jenkinsci-users@googlegroups.com
org.springframework.dao.DataRetrievalFailureException: The user 'Name Surname (name.surname)' does not have the permission to login and/or is not a member of the following user group(s) in your Crowd server: 'Jenkins-build-user'
at de.theit.jenkins.crowd.CrowdUserDetailsService.loadUserByUsername(CrowdUserDetailsService.java:94)
at de.theit.jenkins.crowd.CrowdSecurityRealm.loadUserByUsername(CrowdSecurityRealm.java:281)
at com.buongiorno.jenkinsci.plugins.delivery.ScriptBuildWrapper.setUp(ScriptBuildWrapper.java:95)
at hudson.maven.MavenModuleSetBuild$MavenModuleSetBuildExecution.doRun(MavenModuleSetBuild.java:600)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:584)
at hudson.model.Run.execute(Run.java:1575)
at hudson.maven.MavenModuleSetBuild.run(MavenModuleSetBuild.java:477)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:237)