
Add support for case insensitive auth realms to matrix auth

    • Type: Improvement
    • Resolution: Fixed
    • Priority: Minor
    • matrix-auth-plugin
    • None

      It's possible to specify both 'Foo' and 'FOO' for assigning permissions to the same user in a case insensitive auth realm and have only one of them be effective.

      Matrix Auth should add support for the case sensitivity API added in 1.566 (JENKINS-22247), treating both Foo and FOO equally if using a case insensitive auth realm.

        1. global-config.png (71 kB)
        2. project-config.png (32 kB)
        3. NPE.txt (26 kB)
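
The mismatch described in this issue, as an added Java illustration that is not the matrix-auth plugin's code: a grant check that compares sids through the realm's id policy, plus an audit helper that finds matrix rows naming the same identity. `IdPolicy`, the permission names and the sample sids are hypothetical stand-ins; the null guard reflects the NullPointerException reported later in this thread.

```java
import java.util.*;

public class MatrixCaseDemo {
    /** Hypothetical stand-in for the realm-provided id comparison policy. */
    interface IdPolicy {
        String keyFor(String id);
        default boolean same(String a, String b) {
            // A null sid never matches instead of throwing.
            return a != null && b != null && keyFor(a).equals(keyFor(b));
        }
    }
    static final IdPolicy CASE_SENSITIVE = id -> id;
    static final IdPolicy CASE_INSENSITIVE = id -> id.toLowerCase(Locale.ROOT);

    /** Constructed sample: permission -> sids exactly as typed into the matrix. */
    static Map<String, Set<String>> sampleMatrix() {
        Map<String, Set<String>> m = new LinkedHashMap<>();
        m.put("Job/Read", new LinkedHashSet<>(Arrays.asList("BetaTester", "FOO")));
        m.put("Job/Build", new LinkedHashSet<>(Arrays.asList("Foo")));
        return m;
    }

    /** Grant check that compares sids through the realm's policy. */
    static boolean hasPermission(Map<String, Set<String>> matrix, IdPolicy policy,
                                 String permission, String sid) {
        for (String granted : matrix.getOrDefault(permission, Collections.emptySet())) {
            if (policy.same(granted, sid)) return true;
        }
        return false;
    }

    /** Audit helper: matrix rows that name the same identity under the policy. */
    static Map<String, Set<String>> aliasedRows(Map<String, Set<String>> matrix, IdPolicy policy) {
        Map<String, Set<String>> byKey = new TreeMap<>();
        for (Set<String> sids : matrix.values()) {
            for (String sid : sids) {
                byKey.computeIfAbsent(policy.keyFor(sid), k -> new TreeSet<>()).add(sid);
            }
        }
        byKey.values().removeIf(spellings -> spellings.size() < 2);
        return byKey;
    }

    public static void main(String[] args) {
        Map<String, Set<String>> m = sampleMatrix();
        // The realm knows the user as "betatester"; the matrix row says "BetaTester".
        System.out.println(hasPermission(m, CASE_SENSITIVE, "Job/Read", "betatester"));
        System.out.println(hasPermission(m, CASE_INSENSITIVE, "Job/Read", "betatester"));
        System.out.println(hasPermission(m, CASE_INSENSITIVE, "Job/Read", null));
        System.out.println(aliasedRows(m, CASE_INSENSITIVE));
    }
}
```

With the case-sensitive policy the `betatester` login misses the `BetaTester` row, which is the behaviour reported in the comments; `aliasedRows` flags `Foo`/`FOO` as one identity whose grants are split across two rows.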

          [JENKINS-23805] Add support for case insensitive auth realms to matrix auth

          ikedam added a comment -

          It sounds like an issue not of authorize-project but of Jenkins core.
          Changed the component.


          Patric Steffen added a comment -

          Okay, thanks... Who can reproduce this issue?

          Daniel Beck added a comment -

          Please provide more information.

          • What version of Jenkins?
          • What authorization strategy (e.g. Role Strategy plugin, Project-based matrix auth), what authentication realm (e.g. Jenkins user database, LDAP, ...) are you using?
          • If any of this is provided by a plugin, specify its version.
          • Please provide the full, exact configuration (e.g. via screenshot or config xml excerpt) of both authentication realm and authorization strategy.
          • Log in as admin user and as beta tester and provide the output of the /whoAmI web page.


          Daniel Beck added a comment -

          Reducing priority until an issue can be confirmed.


          Patric Steffen added a comment -

          • ver. 1.572
          • Project-based matrix auth, Jenkins user database

          Who am I of admin:

          Name: ADMIN
          IsAuthenticated?: true
          Authorities:

          "authenticated"

          Details: org.acegisecurity.ui.WebAuthenticationDetails@0: RemoteIpAddress: xxx.xxx.xxx.xxx; SessionId: xxxxx
          toString: org.acegisecurity.providers.UsernamePasswordAuthenticationToken@450a582b: Username: hudson.security.HudsonPrivateSecurityRealm$Details@78af304f; Password: [PROTECTED]; Authenticated: true; Details: org.acegisecurity.ui.WebAuthenticationDetails@0: RemoteIpAddress: xxx.xxx.xxx.xxx; SessionId: xxxx; Granted Authorities: authenticated
          Request Headers
          cookie JSESSIONIDxxxxxxxxx; screenResolution=1920x1080
          host xxxxxxx
          accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
          content-length 0
          Accept-Language de,en-US;q=0.7,en;q=0.3
          connection keep-alive
          user-agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0
          Accept-Encoding gzip, deflate

          Who am I of beta tester:

          Name: BETATESTER
          IsAuthenticated?: true
          Authorities:

          "authenticated"

          Details: org.acegisecurity.ui.WebAuthenticationDetails@0: RemoteIpAddress: xxx.xxx.xxx.xxx; SessionId: xxxxx
          toString: org.acegisecurity.providers.UsernamePasswordAuthenticationToken@d96656e0: Username: hudson.security.HudsonPrivateSecurityRealm$Details@c781c3b; Password: [PROTECTED]; Authenticated: true; Details: org.acegisecurity.ui.WebAuthenticationDetails@0: RemoteIpAddress: xxx.xxx.xxx.xxx; SessionId: xxxxxx; Granted Authorities: authenticated
          Request Headers
          cookie JSESSIONIDxxxxx; screenResolution=1440x900
          host xxxxx
          accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
          content-length 0
          Accept-Language de,en-US;q=0.7,en;q=0.3
          connection keep-alive
          user-agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0
          Accept-Encoding gzip, deflate

          Daniel Beck added a comment - - edited

          Alright, that's a bit less information than I expected due to the removal of user names.

          Double-check that the user names are identical. Verify especially user name case (also during login), as 'FOO' may be treated differently from 'foo'.

          If you use folders, make sure that the user is granted read access to all parent/ancestor folders.

          Note that giving admins per-project privileges is completely useless, Overall/Administer implies all other privileges that exist by default.


          Patric Steffen added a comment - - edited

          OK, I can locate the true issue:
          The user is added, as an example, with the username betatester. In the project settings I’ve granted the rights to user BetaTester. The rights are not granted. It is the same when logging in with either of these usernames. But the rights table in the project settings displays the person icon, not the error icon. That is only displayed if I add a completely different username (one that does not exist).

          I think the best way is to ignore upper- and lowercase in the rights table (the same as for the login).


          Daniel Beck added a comment -

          Rewrote description to address the actual issue.


          Patric Steffen added a comment -

          I think the issue can be closed with JENKINS-22247, right?

          Daniel Beck added a comment -

          ffw_patric: I don't think so, see JENKINS-23872 and its comments.


          Patric Steffen added a comment -

          Hi, can you tell me the current status of this request?

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Stephen Connolly
          Path:
          src/main/java/hudson/security/AuthorizationMatrixProperty.java
          src/main/java/hudson/security/GlobalMatrixAuthorizationStrategy.java
          http://jenkins-ci.org/commit/matrix-auth-plugin/e9868798f857a254ab447be9e5b134497a38c2fd
          Log:
          [FIXED JENKINS-23805] Add support for case insensitive auth realms to matrix auth

          • Fix findbugs issues on new core

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Stephen Connolly
          Path:
          pom.xml
          src/main/java/hudson/security/AuthorizationMatrixProperty.java
          src/main/java/hudson/security/GlobalMatrixAuthorizationStrategy.java
          src/main/java/hudson/security/ProjectMatrixAuthorizationStrategy.java
          src/test/java/com/cloudbees/hudson/plugins/folder/properties/IdStrategyTest.java
          http://jenkins-ci.org/commit/matrix-auth-plugin/6ce42a114d184d5277ef0f05800ab36c88898e43
          Log:
          Merge pull request #9 from jenkinsci/case-sensitivity-support

          JENKINS-23805 Add support for the security realm's provided case sensitivity

          Compare: https://github.com/jenkinsci/matrix-auth-plugin/compare/ae9771ee7c2b...6ce42a114d18

          Wilm Schomburg added a comment -

          Hi,

          Just installed the new version and it looks good for the global security configuration. Have you also tested the fix with folders? For me, it doesn't work with folders. So the user could login with case insensitive username, but he can't see the folders with different username writing.

          Best regards,

          Wilm

          Alexandre Feblot added a comment - - edited

          Hi,

          On a freshly installed Jenkins 2.7.4 with the Matrix auth plugin 1.7, for each (user, permission) checked in the Global permission matrix or in a job specific permission matrix, (including Anonymous user), I get the following NPE when opening the configureSecurity or the job configure page, which I don't get if I downgrade to Matrix auth 1.6:

           (Full stack uploaded as an attachment: NPE.txt)

          Aug 11, 2017 5:58:22 PM hudson.ExpressionFactory2$JexlExpression evaluate
          WARNING: Caught exception evaluating: instance.hasExplicitPermission(attrs.sid,p) in /configureSecurity/. Reason: java.lang.NullPointerException
          java.lang.NullPointerException
              at java.lang.String$CaseInsensitiveComparator.compare(String.java:1193)
              at java.lang.String$CaseInsensitiveComparator.compare(String.java:1186)
              at java.lang.String.compareToIgnoreCase(String.java:1239)
              at hudson.util.CaseInsensitiveComparator.compare(CaseInsensitiveComparator.java:40)
              at hudson.util.CaseInsensitiveComparator.compare(CaseInsensitiveComparator.java:34)
              at jenkins.model.IdStrategy$CaseInsensitive.compare(IdStrategy.java:176)
              at jenkins.model.IdStrategy.equals(IdStrategy.java:90)
              at hudson.security.GlobalMatrixAuthorizationStrategy.hasExplicitPermission(GlobalMatrixAuthorizationStrategy.java:238)
              at sun.reflect.GeneratedMethodAccessor134.invoke(Unknown Source)
              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
              at java.lang.reflect.Method.invoke(Method.java:498)
              at org.apache.commons.jexl.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:258)
              at org.apache.commons.jexl.parser.ASTMethod.execute(ASTMethod.java:104)
              at org.apache.commons.jexl.parser.ASTReference.execute(ASTReference.java:83)
              at org.apache.commons.jexl.parser.ASTReference.value(ASTReference.java:57)
              at org.apache.commons.jexl.parser.ASTReferenceExpression.value(ASTReferenceExpression.java:51)
              at org.apache.commons.jexl.ExpressionImpl.evaluate(ExpressionImpl.java:80)
              at hudson.ExpressionFactory2$JexlExpression.evaluate(ExpressionFactory2.java:74)
              [...snip...]
          


          Daniel Beck added a comment -

          The NPE does not affect anything. It will be fixed towards 1.8.


          Alexandre Feblot added a comment - - edited

          Many thanks!

          Yes, it does indeed not affect the behavior, but with many users, it leads to huge logs in which finding other information gets much harder.


            stephenconnolly Stephen Connolly
            ffw_patric Patric Steffen