Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-6377

Hudson Enforcing Unusual Case-Sensitivity for Login

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Major
    • Resolution: Duplicate
    • _unsorted
    • None
    • Hudson 1.355 in Tomcat 5.5 running on Windows Server 2003, JRE 1.6, Hudson Active Directory plugin 1.16.

    Description

      Under Manage Hudson/Configure System/"Security Realm" I've selected "Active Directory". Hudson is leveraging our organization's Active Directory for user authentication.

      Under "Authorization" I use "Project-based Matrix Authorization Strategy".

      If I log in as "william_leara", everything is fine. If I log in as "William_Leara", I am allowed to log in, but I am missing all permissions specific to me. (e.g. configure slave, configure job, start a build, etc.) It looks like I'm getting "Anonymous" permissions.

      Active Directory is not case-sensitive, so I would expect either "william_leara" or "William_Leara" to work. But the permissions need to be consistent. Alternatively, if there were a technical reason you needed to enforce case-sensitivity, you should disallow "William_Leara" from logging in. It seems broken to me to allow the user to log in, but not grant him his permissions.

      Attachments

        Issue Links

          duplicates

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-4354 Make Hudson user names case insensitive

          • Major - Major loss of function.
          • Resolved
          is related to

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-17674 Expand SecurityRealm to support case insensitivity better

          • Major - Major loss of function.
          • Resolved

          New Feature - A new feature of the product, which has yet to be developed. JENKINS-22247 Provide an extension point to define user id case sensitivity contract

          • Major - Major loss of function.
          • Resolved

          Activity

            Ascending order - Click to sort in descending order
            garethbowles garethbowles added a comment -

            This also applies to groups; if I define a group MyGroup in AD, any variation on the case of the group name (mygroup, MyGroup), Mygroup, etc.) is recognized in the security configuration as a valid group, but the permissions only work if I'm a member of MyGroup.

            garethbowles garethbowles added a comment - This also applies to groups; if I define a group MyGroup in AD, any variation on the case of the group name (mygroup, MyGroup), Mygroup, etc.) is recognized in the security configuration as a valid group, but the permissions only work if I'm a member of MyGroup.
            andreas_sandberg Andreas Sandberg added a comment -

            Still not resolved using Jenkins 1.473 and the Jenkins Active Directory plugin.

            andreas_sandberg Andreas Sandberg added a comment - Still not resolved using Jenkins 1.473 and the Jenkins Active Directory plugin.
            cforce cforce added a comment -

            Please fix, there so many different requests!

            Related/Dupe to

            https://issues.jenkins-ci.org/browse/JENKINS-3218
            https://issues.jenkins-ci.org/browse/JENKINS-6377
            https://issues.jenkins-ci.org/browse/JENKINS-4354
            https://issues.jenkins-ci.org/browse/JENKINS-4354
            https://issues.jenkins-ci.org/browse/JENKINS-4550
            https://issues.jenkins-ci.org/browse/JENKINS-5436

            cforce cforce added a comment - Please fix, there so many different requests! Related/Dupe to https://issues.jenkins-ci.org/browse/JENKINS-3218 https://issues.jenkins-ci.org/browse/JENKINS-6377 https://issues.jenkins-ci.org/browse/JENKINS-4354 https://issues.jenkins-ci.org/browse/JENKINS-4354 https://issues.jenkins-ci.org/browse/JENKINS-4550 https://issues.jenkins-ci.org/browse/JENKINS-5436
            oleg_nenashev Oleg Nenashev added a comment -

            @Jesse
            the issue could be closed as a duplicate, because Stephen provides the case-insensitive strategy in JENKINS-22247 together with main PR

            oleg_nenashev Oleg Nenashev added a comment - @Jesse the issue could be closed as a duplicate, because Stephen provides the case-insensitive strategy in JENKINS-22247 together with main PR
            oleg_nenashev Oleg Nenashev added a comment -

            Fixed in 1.566+. See JENKINS-22247

            oleg_nenashev Oleg Nenashev added a comment - Fixed in 1.566+. See JENKINS-22247

            People

              kohsuke Kohsuke Kawaguchi
              williamleara williamleara
              Votes:
              4 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: