Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-2305

Project-based Matrix Security is not working after Hudson restart

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Critical Critical
    • _unsorted
    • None
    • Platform: All, OS: All

      This issue has come up in a thread on the Hudson mailing list so thought I'd
      transfer here for an "official" record:

      "I am having a problem when I restart hudson after "successfully" setting up
      matrix based security.

      To set up the Hudson security, I am selecting "Enable Security", then choosing
      "Hudson's own user database" and "Project-based Matrix Authorization Strategy".

      I then give the anonymous account, "Overall-Read" and "Job-Build" rights, and I
      create an admin account that has the right to do everything except "SCM-Tag".

      I save this config and everything works great until I try to restart hudson.

      When I try to restart hudson I can no longer click around and view the builds as
      the non logged in anonymous user like I could before the restart.

      Instead I am only prompted for a username and password. When I enter the admin
      username and password (which worked many times before therestart), I get this
      error message:

      Access Denied
      org.acegisecurity.providers.UsernamePasswordAuthenticationToken@410ce2ce:
      Username: hudson.security.HudsonPrivateSecurityRealm$Details@8e7f54; Password:
      [PROTECTED]; Authenticated: true; Details:
      org.acegisecurity.ui.WebAuthenticationDetails@7798: RemoteIpAddress:
      129.150.66.123; SessionId: 49daddb10088039a2d196487a5ae0a73; Granted
      Authorities: authenticated is missing Read

      I am using Hudson 1.248
      and JDK build 1.5.0_09"

      +

      "I'm experiencing the same problem. While using "Hudson's own user database,"
      I have tried using both the general matrix auth strategy as well as the
      project based version. In both cases I also cannot log in to hudson after
      restarting Tomcat. The error message I get is:
      org.acegisecurity.providers.UsernamePasswordAuthenticationToken@3efe96a3:
      Username: hudson.security.HudsonPrivateSecurityRealm$Details@5777b4d3;
      Password: [PROTECTED]; Authenticated: true; Details:
      org.acegisecurity.ui.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress:
      127.0.0.1; SessionId: A9A673194D39F0426C655FB715F1BB4B; Granted Authorities:
      authenticated is missing Read

      I am using:
      Hudson 1.245
      Tomcat 6.0.16
      Apache 2.2.3 (reverse proxy to hudson on Tomcat)
      Java 1.6.0_06"

      +

      I have the same issue with 1.245 running as Windows service.

            Unassigned Unassigned
            r2b2_nz Richard Bywater
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: