Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-21882

v1.551 + GitHub OAuth == broken api token access

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      I've reproduced this by setting up a fresh Jenkins install.

      Here are my notes from that install:

      On Ubuntu 12.04.4 LTS

      sudo sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list'
      wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add -
      sudo apt-get update
      sudo apt-get install jenkins

      Visit http://host:8080/configureSecurity/
      Check "Enable security"
      Under the "Access Control" section choose the option "Jenkins’ own user database" under the "Security Realm" header.
      Choose "Save" at the bottom of the page.

      Visit http://host:8080/signup
      Fill out form matching the username to your github username.

      Return to Visit http://host:8080/configureSecurity/
      Under the "Access Control" section unselect "Allow users to sign up" under "Jenkins’ own user database" which is under the "Security Realm" header.
      Under the "Authorization" heading select the option "Logged-in users can do anything".
      Choose "Save" at the bottom of the page.

      Visit http://host:8080/pluginManager/
      Select all plugins with available updates using the link at the bottom of the page and then "install without restart".
      On the subsequent screen choose "Restart Jenkins when installation is complete and no jobs are running."

      At this point running the following produces no error:

      curl --url http://host:8080/user/mr-c --user mr-c:${api_token}

      Install the Github OAuth Plugin (grabs the GitHub API Plugin)
      Return to Visit http://host:8080/configureSecurity/
      Under the "Access Control" section choose the option "Github Authentication Plugin" under the "Security Realm" header.
      GitHub Web URI: https://github.com
      GitHub API URI: https://api.github.com
      Client ID: <masked for security>
      Client Secret: <masked for security>
      Under the "Authorization" heading select the option "Github Commiter Authorization Strategy".
      Admin User Names: mr-c
      Participant in Organization: ged-lab
      Grant READ permissions to all Authenticated Users: yes
      Grant READ permissions for /github-webhook: yes
      Grant READ permissions for Anonymous Users: yes
      Choose "Save" at the bottom of the page.

      Now the command:

      curl --url http://host:8080/user/mr-c --user mr-c:${api_token}

      produces this output:

      HTTP ERROR 401

      Problem accessing /user/mr-c. Reason:
      Unexpected authentication type: org.acegisecurity.providers.UsernamePasswordAuthenticationToken@23fcf1a8: Username: mr-c; Password: [PROTECTED]; Authenticated: false; Details: org.acegisecurity.ui.WebAuthenticationDetails@ffffa64e: RemoteIpAddress: <masked for privacy>; SessionId: null; Not granted any authorities

      This became a problem for me while trying to update my OS X slave using rhwood's jenkins-slave-osx script. I've filed a ticket there:
      https://github.com/rhwood/jenkins-slave-osx/issues/33

        Attachments

          Activity

          Hide
          bezda Tomas Bezdek added a comment -

          works for me now!

          Show
          bezda Tomas Bezdek added a comment - works for me now!
          Hide
          michaelglass Michael Glass added a comment -

          wfm!

          Thanks so much, Soren

          Show
          michaelglass Michael Glass added a comment - wfm! Thanks so much, Soren
          Hide
          skottler Sam Kottler added a comment -

          A fix was merged for this in https://github.com/jenkinsci/github-oauth-plugin/pull/23. Thanks!

          Show
          skottler Sam Kottler added a comment - A fix was merged for this in https://github.com/jenkinsci/github-oauth-plugin/pull/23 . Thanks!
          Hide
          mockturtl mockturtl added a comment -

          `0.16-SNAPSHOT` working, thanks!

          Show
          mockturtl mockturtl added a comment - `0.16-SNAPSHOT` working, thanks!
          Hide
          michaelglass Michael Glass added a comment - - edited

          Sam Kottler can y'all release 0.16 please? Don't want to update my chef repos to install the new version of jenkins until this is up.

          Show
          michaelglass Michael Glass added a comment - - edited Sam Kottler can y'all release 0.16 please? Don't want to update my chef repos to install the new version of jenkins until this is up.

            People

            Assignee:
            skottler Sam Kottler
            Reporter:
            mcrusoe Michael Crusoe
            Votes:
            7 Vote for this issue
            Watchers:
            16 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: