Status: Closed (View Workflow)
Platform: All, OS: All
I've set up hudson (user administration of hudson itself) with Project-based
Matrix Authorization Strategy. I've added my name and gave myself all privileges
(including Read...). If I now close hudson (without doing something else) and
restart it by commandline, I get the following message and have no more access
to the configuration or anything else...
Username: hudson.security.HudsonPrivateSecurityRealm$Details@1d8417c; Password:
[PROTECTED]; Authenticated: true; Details:
XXX.XXX.XXX.XXX; SessionId: 8013c98834de5a46ef9f6277930606ce; Granted
Authorities: authenticated is missing Read
- is duplicated by
JENKINS-2375 project-based matrix repeatably gives: Granted Authorities: is missing Read
r15290 | mindless | 2009-02-13 09:49:36 -0700 (Fri, 13 Feb 2009) | 2 lines
[FIXED JENKINS-2329] LDAP group permissions were not applied when logged in via
For me the issue with remember-me cookie now works (tested on Hudson ver. 1.288).
Although I still need to apply the patch to LDAPBindSecurityRealm.groovy to
tweak it to my LDAP structure, but that seems to be a different issue.
Thanks for resolving it!
great, thanks.. FYI, soon you shouldn't need the groovy patch.. it seems in some
restructuring in 1.280 that setting was lost, but we'll get it added back. see
Thanks for info on #2256! So, I'll just wait for Hudson 1.289 and we'll see
I found that the remember-me service uses the UserDetailsService created in
Hudson's LDAPSecurityRealm.createSecurityComponents() to do the user lookup, and
the LdapUserSearch used in there does not do a group lookup. I can add this,
doing just what acegi's LdapAuthenticationProvider.createUserDetails() does to
lookup and add granted authorities before returning the final UserDetails.