Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-42112

HTTP user session is reported as anonymous when using anything but AbstractPasswordBasedSecurityRealm(like google auth)

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Minor
    • Resolution: Fixed
    • monitoring-plugin
    • None
    • Jenkins LTS 2.32.1.1
      Monitoring 1.63.0

    Description

      The user generated in the HTTP session section reports as anonymous when using non-username/password style login methods.

      Steps to reproduce:
      1. Download the Google login plugin Google Authorization plugin
      2. Create a google authorization login(Screen Shot 2017-02-16 at 11.41.05 AM.png)
      3. Login with said google account
      4. Check the monitoring page under http sessions
      5. Observe anonymous user(Screen Shot 2017-02-16 at 11.37.53 AM.png)

      This also affects the Cloudbees Operations Center to Enterprise communication where the Enterprise version shows anonymous user because it uses a token as well.

      Attachments

        Activity

          Ascending order - Click to sort in descending order
          ataylor Alex Taylor created issue -
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: evernat
          Path:
          src/main/java/org/jvnet/hudson/plugins/monitoring/HudsonMonitoringFilter.java
          http://jenkins-ci.org/commit/monitoring-plugin/5ae983fa1199573e53dacd665e5b610c718819ff
          Log:
          [fixed JENKINS-42112] HTTP user session is reported as anonymous when using anything but AbstractPasswordBasedSecurityRealm

          [fixed JENKINS-42112] HTTP user session is reported as anonymous when
          using anything but AbstractPasswordBasedSecurityRealm (like google login
          plugin)

          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: evernat Path: src/main/java/org/jvnet/hudson/plugins/monitoring/HudsonMonitoringFilter.java http://jenkins-ci.org/commit/monitoring-plugin/5ae983fa1199573e53dacd665e5b610c718819ff Log: [fixed JENKINS-42112] HTTP user session is reported as anonymous when using anything but AbstractPasswordBasedSecurityRealm [fixed JENKINS-42112] HTTP user session is reported as anonymous when using anything but AbstractPasswordBasedSecurityRealm (like google login plugin)
          scm_issue_link SCM/JIRA link daemon made changes -
          Field Original Value New Value
          Resolution Fixed [ 1 ]
          Status Open [ 1 ] Resolved [ 5 ]
          evernat evernat made changes -
          Description The user generated in the HTTP session section reports as anonymous when using non-username/password style login methods.

          Steps to reproduce:
          1. Download the Google Authorization plugin
          2. Create a google authorization login(Screen Shot 2017-02-16 at 11.41.05 AM.png)
          3. Login with said google account
          4. Check the monitoring page under http sessions
          5. Observe anonymous user(Screen Shot 2017-02-16 at 11.37.53 AM.png)

          This also affects the Cloudbees Operations Center to Enterprise communication where the Enterprise version shows anonymous user because it uses a token as well.           		The user generated in the HTTP session section reports as anonymous when using non-username/password style login methods.

          Steps to reproduce:
          1. Download the Google login plugin -Google Authorization plugin-
          2. Create a google authorization login(Screen Shot 2017-02-16 at 11.41.05 AM.png)
          3. Login with said google account
          4. Check the monitoring page under http sessions
          5. Observe anonymous user(Screen Shot 2017-02-16 at 11.37.53 AM.png)

          This also affects the Cloudbees Operations Center to Enterprise communication where the Enterprise version shows anonymous user because it uses a token as well.
          evernat evernat added a comment - - edited

          Given the screenshot, I suppose that you mean Google login plugin and not Google Authorization plugin.
          And thanks for the issue, this is fixed now: the user displayed is now the email of the user when using Google login plugin.

          evernat evernat added a comment - - edited Given the screenshot, I suppose that you mean Google login plugin and not Google Authorization plugin. And thanks for the issue, this is fixed now: the user displayed is now the email of the user when using Google login plugin.

          People

            evernat evernat
            ataylor Alex Taylor
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: