Project-based Matrix Security is not working after Hudson restart

This issue is archived. You can view it, but you can't modify it. Learn more

XMLWordPrintable

      This issue has come up in a thread on the Hudson mailing list so thought I'd
      transfer here for an "official" record:

      "I am having a problem when I restart hudson after "successfully" setting up
      matrix based security.

      To set up the Hudson security, I am selecting "Enable Security", then choosing
      "Hudson's own user database" and "Project-based Matrix Authorization Strategy".

      I then give the anonymous account, "Overall-Read" and "Job-Build" rights, and I
      create an admin account that has the right to do everything except "SCM-Tag".

      I save this config and everything works great until I try to restart hudson.

      When I try to restart hudson I can no longer click around and view the builds as
      the non logged in anonymous user like I could before the restart.

      Instead I am only prompted for a username and password. When I enter the admin
      username and password (which worked many times before therestart), I get this
      error message:

      Access Denied
      org.acegisecurity.providers.UsernamePasswordAuthenticationToken@410ce2ce:
      Username: hudson.security.HudsonPrivateSecurityRealm$Details@8e7f54; Password:
      [PROTECTED]; Authenticated: true; Details:
      org.acegisecurity.ui.WebAuthenticationDetails@7798: RemoteIpAddress:
      129.150.66.123; SessionId: 49daddb10088039a2d196487a5ae0a73; Granted
      Authorities: authenticated is missing Read

      I am using Hudson 1.248
      and JDK build 1.5.0_09"

      +

      "I'm experiencing the same problem. While using "Hudson's own user database,"
      I have tried using both the general matrix auth strategy as well as the
      project based version. In both cases I also cannot log in to hudson after
      restarting Tomcat. The error message I get is:
      org.acegisecurity.providers.UsernamePasswordAuthenticationToken@3efe96a3:
      Username: hudson.security.HudsonPrivateSecurityRealm$Details@5777b4d3;
      Password: [PROTECTED]; Authenticated: true; Details:
      org.acegisecurity.ui.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress:
      127.0.0.1; SessionId: A9A673194D39F0426C655FB715F1BB4B; Granted Authorities:
      authenticated is missing Read

      I am using:
      Hudson 1.245
      Tomcat 6.0.16
      Apache 2.2.3 (reverse proxy to hudson on Tomcat)
      Java 1.6.0_06"

      +

      I have the same issue with 1.245 running as Windows service.

            Assignee:
            Unassigned
            Reporter:
            Richard Bywater
            Archiver:
            Jenkins Service Account

              Created:
              Updated:
              Resolved:
              Archived: