
v1.551 + GitHub OAuth == broken api token access

      I've reproduced this by setting up a fresh Jenkins install.

      Here are my notes from that install:

      On Ubuntu 12.04.4 LTS

      sudo sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list'
      wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add -
      sudo apt-get update
      sudo apt-get install jenkins

      Visit http://host:8080/configureSecurity/
      Check "Enable security"
      Under the "Access Control" section choose the option "Jenkins’ own user database" under the "Security Realm" header.
      Choose "Save" at the bottom of the page.

      Visit http://host:8080/signup
      Fill out the form, matching the username to your GitHub username.

      Return to http://host:8080/configureSecurity/
      Under the "Access Control" section unselect "Allow users to sign up" under "Jenkins’ own user database" which is under the "Security Realm" header.
      Under the "Authorization" heading select the option "Logged-in users can do anything".
      Choose "Save" at the bottom of the page.

      Visit http://host:8080/pluginManager/
      Select all plugins with available updates using the link at the bottom of the page and then "install without restart".
      On the subsequent screen choose "Restart Jenkins when installation is complete and no jobs are running."

      At this point running the following produces no error:

      curl --url http://host:8080/user/mr-c --user mr-c:${api_token}

      Install the Github OAuth Plugin (grabs the GitHub API Plugin)
      Return to http://host:8080/configureSecurity/
      Under the "Access Control" section choose the option "Github Authentication Plugin" under the "Security Realm" header.
      GitHub Web URI: https://github.com
      GitHub API URI: https://api.github.com
      Client ID: <masked for security>
      Client Secret: <masked for security>
      Under the "Authorization" heading select the option "Github Commiter Authorization Strategy".
      Admin User Names: mr-c
      Participant in Organization: ged-lab
      Grant READ permissions to all Authenticated Users: yes
      Grant READ permissions for /github-webhook: yes
      Grant READ permissions for Anonymous Users: yes
      Choose "Save" at the bottom of the page.

      Now the command:

      curl --url http://host:8080/user/mr-c --user mr-c:${api_token}

      produces this output:

      HTTP ERROR 401

      Problem accessing /user/mr-c. Reason:
      Unexpected authentication type: org.acegisecurity.providers.UsernamePasswordAuthenticationToken@23fcf1a8: Username: mr-c; Password: [PROTECTED]; Authenticated: false; Details: org.acegisecurity.ui.WebAuthenticationDetails@ffffa64e: RemoteIpAddress: <masked for privacy>; SessionId: null; Not granted any authorities

      This became a problem for me while trying to update my OS X slave using rhwood's jenkins-slave-osx script. I've filed a ticket there:
      https://github.com/rhwood/jenkins-slave-osx/issues/33
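
A scripted form of the curl check from the report above, as an added example that is not part of the original issue or of the plugin's code. It separates the realm-level 401 quoted in the report from an ordinary 401 and hands the token to curl on stdin rather than on the command line; the function names and verdict strings are assumptions.

```sh
#!/bin/sh
# Added example (not from the issue or the plugin): regression check for
# API-token basic auth after a security realm change.

# classify_api_auth STATUS BODY_FILE
# Prints: ok | realm-rejects-token | unauthorized | unexpected-STATUS
classify_api_auth() {
  case "$1" in
    2??) echo ok ;;
    401)
      # The realm-level failure quoted in the report carries this marker.
      if grep -q 'Unexpected authentication type' "$2"; then
        echo realm-rejects-token
      else
        echo unauthorized
      fi ;;
    *) echo "unexpected-$1" ;;
  esac
}

# check_api_token BASE_URL USER TOKEN
# Requests BASE_URL/user/USER as in the report. Credentials go to curl as a
# config line on stdin, so the token is not visible in the process list.
check_api_token() {
  cat_body=$(mktemp) || return 2
  cat_status=$(printf 'user = "%s:%s"\n' "$2" "$3" |
    curl --silent --config - --output "$cat_body" \
         --write-out '%{http_code}' --url "$1/user/$2") || :
  cat_verdict=$(classify_api_auth "$cat_status" "$cat_body")
  rm -f "$cat_body"
  echo "$cat_verdict"
  [ "$cat_verdict" = ok ]
}

# Sample body, taken from the 401 output in the report (shortened).
sample_realm_401() {
  printf '%s\n' 'HTTP ERROR 401' \
    'Problem accessing /user/mr-c. Reason:' \
    'Unexpected authentication type: org.acegisecurity.providers.UsernamePasswordAuthenticationToken'
}
```

Running check_api_token against the instance before and after switching the security realm shows whether token access survived the change; a connection failure is reported as unexpected-000.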

          [JENKINS-21882] v1.551 + GitHub OAuth == broken api token access

          Soren Hansen added a comment -

          It seems this broke again after I fixed it. After upgrading my Jenkins instance, it again does not work for me.

          A number of bugs seem related: JENKINS-22346 JENKINS-20064 JENKINS-9258


          Jens Nielsen added a comment -

          That seems likely and explains why it works on the latest LTS but not on the regular version.


          Soren Hansen added a comment -

          Oh, found the problem!

          Jenkins's User class now calls the loadUserByUsername on the UserDetailsService from the SecurityComponents object on the SecurityRealm, but that doesn't actually call the loadUserByUsername method, but rather provides its own "fake" one in the Github OAuth plugin.


          Soren Hansen added a comment -

          https://github.com/jenkinsci/github-oauth-plugin/pull/23

          Soren Hansen added a comment -

          Plugin for testing can be found here: https://github.com/sorenh/github-oauth-plugin/releases/tag/0.16-pre-soren

          Tomas Bezdek added a comment -

          works for me now!


          Michael Glass added a comment -

          wfm!

          Thanks so much, Soren


          Sam Kottler added a comment -

          A fix was merged for this in https://github.com/jenkinsci/github-oauth-plugin/pull/23. Thanks!


          mockturtl added a comment -

          `0.16-SNAPSHOT` working, thanks!


          Michael Glass added a comment - - edited

          skottler can y'all release 0.16 please? Don't want to update my chef repos to install the new version of jenkins until this is up.


            skottler Sam Kottler
            mcrusoe Michael Crusoe