Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-61589

role-strategy-plugin does not respect distributed lists

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • role-strategy-plugin
    • None
    • Jenkins ver. 2.225
      openjdk version 1.8.0_242
      role-strategy-plugin 2.16
      Linux Ubuntu 16.04

    Description

      Hi,

      we are trying to get the role-strategy-plugin working without success using distributed lists.

      Assigning item roles to a DL is working but the user inside the DL does not receive any permissions.

      Assigning a single user is working so the pattern works but does not make sense because we have a lot of users.

      The DL is listed with a group symbol so my guess is that AD is working in my eyes so no problems here.

       

      Is someone else having this problem?

       

      Thanks and best regards

      Tobias

      Attachments

        Activity

          oleg_nenashev Oleg Nenashev added a comment -

          My guess is that the Active Directory plugin does not properly list authorities in the distributed lists. It can be checked by going to the /whoAmI page for users who are supposed to have permissions.

          Also, there are some permission caching issues reported for recent weekly releases. I still need to investigate them, but it would be great if you could check whether the issue remains after the restrt

          oleg_nenashev Oleg Nenashev added a comment - My guess is that the Active Directory plugin does not properly list authorities in the distributed lists. It can be checked by going to the /whoAmI page for users who are supposed to have permissions. Also, there are some permission caching issues reported for recent weekly releases. I still need to investigate them, but it would be great if you could check whether the issue remains after the restrt

          oleg_nenashev Thanks. The DL we assigned to roles is listed in the /whoAmI page of the users. What should I restart? Jenkins? We already did that many times. The problem exists since we installed the plugin in October 2019.

          toho Tobias Honacker added a comment - oleg_nenashev Thanks. The DL we assigned to roles is listed in the /whoAmI page of the users. What should I restart? Jenkins? We already did that many times. The problem exists since we installed the plugin in October 2019.
          oleg_nenashev Oleg Nenashev added a comment -

          Then I will investigate it as a part of the general caching problem.

          If you could provide an Active Directory Docker image which helps to reproduce the issue, it would help. I do not have AD, and I doubt I will be able to quickly reproduce the issue

          oleg_nenashev Oleg Nenashev added a comment - Then I will investigate it as a part of the general caching problem. If you could provide an Active Directory Docker image which helps to reproduce the issue, it would help. I do not have AD, and I doubt I will be able to quickly reproduce the issue

          oleg_nenashev Nope sorry. Another department is responsible for our AD. Let me know if you need further information.

          toho Tobias Honacker added a comment - oleg_nenashev Nope sorry. Another department is responsible for our AD. Let me know if you need further information.
          ianw Ian Williams added a comment -

          toho, just wondering if perhaps all the rest of these were created in error; they appear  to be duplicates of this:
          Bug   Major  JENKINS-61543
          Bug   Major  JENKINS-61544
          Bug   Major  JENKINS-61552
          Bug   Major  JENKINS-61567
          Bug   Major  JENKINS-61585
          Bug   Minor  JENKINS-61549
          Task  Major  JENKINS-61551

          ianw Ian Williams added a comment - toho , just wondering if perhaps all the rest of these were created in error; they appear  to be duplicates of this: Bug   Major  JENKINS-61543 Bug   Major  JENKINS-61544 Bug   Major  JENKINS-61552 Bug   Major  JENKINS-61567 Bug   Major  JENKINS-61585 Bug   Minor  JENKINS-61549 Task  Major  JENKINS-61551

          ianw wow okay, I was not aware that this ticket was duplicated 7 times. Sorry. I don't have the permission to close them.

          toho Tobias Honacker added a comment - ianw wow okay, I was not aware that this ticket was duplicated 7 times. Sorry. I don't have the permission to close them.
          oleg_nenashev Oleg Nenashev added a comment -

           Yes. The current state of the tracker is a mess. Due to some personal reasons, I have been unable to secure time for a proper caching fix

          oleg_nenashev Oleg Nenashev added a comment -  Yes. The current state of the tracker is a mess. Due to some personal reasons, I have been unable to secure time for a proper caching fix

          People

            oleg_nenashev Oleg Nenashev
            toho Tobias Honacker
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: