Hi,
Sorry for the delay on getting back to this. I've now gotten around to testing
this with the latest Hudson (1.292 - there is no changelog for this yet which
worries me a little
- should the problem be fixed there too?
I did the following. Downloaded 1.292 war and dropped it into
/var/lib/tomcat6/webapps - Hudson seemed to auto-upgrade (good work on this
guys, very painless).
I then did the following. Added a new group to LDAP - ldaptestgrp which resulted
in the following entry in LDAP:
dn: cn=ldaptestgrp,ou=Groups,dc=example,dc=net
objectClass: top
objectClass: posixGroup
cn: ldaptestgrp
gidNumber: 10017
description: Group account
I then added a user account with the above as it's default group resulting in
the following entry:
dn: uid=ldaptest,ou=People,dc=example,dc=net
sn: test
givenName: ldap
uid: ldaptest
cn: ldaptest
homeDirectory: /home/ldaptest
loginShell: /bin/bash
uidNumber: 10015
gidNumber: 10017
gecos: ldaptest
objectClass: posixAccount
objectClass: shadowAccount
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: gosaAccount
description: User account
NOTE: these are associated by gidNumber in the user entry rather than by
memberUid in the group entry (because this is the user's primary group).
I then added a second test group to LDAP and made ldaptest a member of it -
resulting in the following entry,
dn: cn=ldaptestgrp2,ou=Groups,dc=example,dc=net
objectClass: top
objectClass: posixGroup
cn: ldaptestgrp2
gidNumber: 10018
description: Group account
memberUid: ldaptest
Note that this time it does use memberUid as Hudson expects.
I then tried adding first ldaptestgrp and then ldaptestgrp2 to the permissions
matrix and enabling most permissions (except the admin ones). In both test cases
(using ldaptestgrp and ldaptestgrp2) - I still get the following error in Hudson
immediately after logging in
Access Denied
ldaptest is missing the Read permission
There is no additional information in the Hudson logs (Hudson logging is running
with all defaults, not sure if I need to enable something specific to see
details of authentication?).
any update? let us know if we can close this issue. 1.291 is looking like a
good build stability-wise, good upgrade candidate.