• Type: Bug
• Resolution: Won't Fix
• Priority: Minor
• Component/s: deploy-plugin
• Labels:

  • plugin
  • security

[JENKINS-28377] Add functionality for NTLM authentication

Edward Quick created issue - 2015-05-13 12:52

Edward Quick made changes - 2016-04-11 16:13

Description

Original: The following tomcat manager can only be accessed by NTLM. This works fine with curl as shown below: $ curl -k --ntlm -u "INTRANET\quickedw_web" -c cookie https://10.72.19.10:8203/manager/list Enter host password for user 'INTRANET\quickedw_web': OK - Listed applications for virtual host localhost /manager:running:1:manager /probe:running:0:probe But when using the deploy-plugin this fails. My settings are in illustated in the attached screenshot, along with the jenkins output. This is the response logged in tomcat: May 13, 2015 1:42:45 PM org.apache.catalina.core.ApplicationContext log INFO: Manager: init: Associated with Deployer 'Catalina:type=Deployer,host=localhost' May 13, 2015 1:42:45 PM org.apache.catalina.core.ApplicationContext log INFO: Manager: init: Global resources are available Request from Internal User :: Forwarding to VSJ Filter Problem authenticating to directory ldnpsm00057.intranet.SNAKEOIL.com/31.12.1.44:389: com.wedgetail.idm.sso.directory.DirectoryException: Error binding to directory [caused by: LDAPException: No response to bind request (1) Operations Error] Problem following referral to ldap://DomainDnsZones.INTRANET.SNAKEOIL.com:389/DC=DomainDnsZones,DC=INTRANET,DC=SNAKEOIL,DC=com/??base: com.wedgetail.idm.sso.directory.DirectoryException: Error binding to directory [caused by: LDAPException: No response to bind request (1) Operations Error] Could not find entry for user "sysTomcatManager" in domain "INTRANET.SNAKEOIL.COM" Session ID: AC6CDCD4F7B1624A73DB4778188CF7F0.quick_ldndsr000004832         Request: /manager/list         Remote: 10.144.97.70         Principal: sysTomcatManager@INTRANET.SNAKEOIL.COM         Message: Invalid username or password Request from Internal User :: Forwarding to VSJ Filter Request from Internal User :: Forwarding to VSJ Filter NTLM token from 10.144.97.70 is Type 3 but we have no saved challenge: "NTLM TlRMTVNTUAADAAAAGAAYAKYAAAAYABgAvgAAABAAEABYAAAAIAAgAGgAAAAeAB4AiAAAAAAAAADWAAAABQIAAgYBsR0AAAAPYl5u3Gj2+B7hnlp1H+dD80kATgBUAFIAQQBOAEUAVABOAFkASwBQAFMATQAwADIAMAAwADAAMwAzADUANQAkAE4AWQBLAFAAUwBNADAAMgAwADAAMAAzADMANQA1AHrZ5XwnLZVEhtvqXiEAbSNI3bhBahiE63rZ5XwnLZVEhtvqXiEAbSNI3bhBahiE6w==" Session ID: 8A4C0E7866EB3C035ECF3A372D7F2168.quick_ldndsr000004832         Request: /manager/list         Remote: 10.144.97.70         Principal: sysTomcatManager@INTRANET.SNAKEOIL.COM         Message: Could not authorize request: com.wedgetail.idm.sso.ntlm.NtlmException: NTLM token is Type 3 but we have no saved challenge: "NTLM TlRMTVNTUAADAAAAGAAYAKYAAAAYABgAvgAAABAAEABYAAAAIAAgAGgAAAAeAB4AiAAAAAAAAADWAAAABQIAAgYBsR0AAAAPYl5u3Gj2+B7hnlp1H+dD80kATgBUAFIAQQBOAEUAVABOAFkASwBQAFMATQAwADIAMAAwADAAMwAzADUANQAkAE4AWQBLAFAAUwBNADAAMgAwADAAMAAzADMANQA1AHrZ5XwnLZVEhtvqXiEAbSNI3bhBahiE63rZ5XwnLZVEhtvqXiEAbSNI3bhBahiE6w=="

Edward Quick made changes - 2016-04-11 16:13

Attachment

Original: jenkins_output.txt [ 29779 ]

Edward Quick made changes - 2016-04-11 16:13

Resolution		New: Won't Fix [ 2 ]
Status	Original: Open [ 1 ]	New: Closed [ 6 ]

Edward Quick made changes - 2016-04-11 16:14

Assignee		New: Edward Quick [ equick ]
Resolution	Original: Won't Fix [ 2 ]
Status	Original: Closed [ 6 ]	New: Reopened [ 4 ]

Edward Quick made changes - 2016-04-11 16:15

Attachment

Original: deploy_settings.jpg [ 29780 ]

Edward Quick made changes - 2016-04-11 16:15

Status

Original: Reopened [ 4 ]

New: Open [ 1 ]

Edward Quick made changes - 2016-04-11 16:15

Resolution		New: Won't Fix [ 2 ]
Status	Original: Open [ 1 ]	New: Closed [ 6 ]

R. Tyler Croy made changes - 2016-07-26 00:01

Workflow

Original: JNJira [ 163215 ]

New: JNJira + In-Review [ 208771 ]