• Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None

      I have found that when checking the remember me checkbox when logging in using AD security, the cookie gets created properly with good contents.

      But if you close your browser and then re-open it, Hudson overwrites the existing cookie immediately which clears out any remembered authorization values, therefore forcing a re-login to be necessary.

      Cookie before closing browser after logging in using AD Security with Rememeber Me checkbox selected:

      iconSize
      16x16
      SERVERNAME/
      1024
      240850816
      30086254
      4282440880
      30062970
      *
      hudson_auto_refresh
      false
      SERVERNAME/
      1024
      3612804608
      30069802
      3778355968
      30063767
      *
      ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE
      "HASH REMOVED FOR SECURITY PURPOSES"
      SERVERNAME/
      1024
      3597763072
      30066743
      2232728608
      30063927
      *

      Cookie after closing browser and re-opening to Hudson Dashboard:

      iconSize
      16x16
      SERVERNAME/
      1024
      240850816
      30086254
      4282440880
      30062970
      *
      hudson_auto_refresh
      false
      SERVERNAME/
      1024
      3612804608
      30069802
      3778355968
      30063767
      *

      Thanks.

          [JENKINS-5854] AD Login Remember Me functionailty inactive

          Peter Hayes added a comment -

          reassigning to the active directory plugin.

          Peter Hayes added a comment - reassigning to the active directory plugin.

          Added another environment.

          Sagar Khushalani added a comment - Added another environment.

          dan_yell added a comment -

          Added another environment

          dan_yell added a comment - Added another environment

          Added environment. Changed "assignee" to automatic.

          Sagar Khushalani added a comment - Added environment. Changed "assignee" to automatic.

          As of 1.449 + AD v1.25, one workaround is to provide the bind DN and password (a secondary login credential.) Jenkins will use it to retrieve the group membership information of the user trying to access via the remember me token.

          More proper fix needs to come from the core to remember the last membership information the user had.

          Kohsuke Kawaguchi added a comment - As of 1.449 + AD v1.25, one workaround is to provide the bind DN and password (a secondary login credential.) Jenkins will use it to retrieve the group membership information of the user trying to access via the remember me token. More proper fix needs to come from the core to remember the last membership information the user had.

            Unassigned Unassigned
            jburrows John Burrows
            Votes:
            14 Vote for this issue
            Watchers:
            11 Start watching this issue

              Created:
              Updated: