-
Bug
-
Resolution: Fixed
-
Major
-
None
-
Using Jenkins 2.272
OS is Linux (Ubuntu 18.04 LTS)
Web browser doesn;t matter
Java version is OpenJDK 8
Plug-ins are:
JavaScript GUI Lib: ACE Editor bundle plugin (ace-editor): 1.1
Ant Plugin (ant): 1.11
OWASP Markup Formatter Plugin (antisamy-markup-formatter): 2.1
Apache HttpComponents Client 4.x API Plugin (apache-httpcomponents-client-4-api): 4.5.10-2.0
Authentication Tokens API Plugin (authentication-tokens): 1.4
Azure Container Service Plugin (azure-acs): 1.0.3
Azure AD Plugin (azure-ad): 1.2.1
Azure App Service Plugin (azure-app-service): 1.0.1
Azure CLI Plugin (azure-cli): 0.9
Azure Commons Plugin (azure-commons): 1.0.5
Azure Container Agents Plugin (azure-container-agents): 1.2.0
Azure Container Registry Tasks Plugin (azure-container-registry-tasks): 0.6.4
Azure Credentials (azure-credentials): 4.0.5
Azure VM Agents (azure-vm-agents): 1.5.1
Common API for Blue Ocean (blueocean-commons): 1.24.3
REST API for Blue Ocean (blueocean-rest): 1.24.3
Bootstrap 4 API Plugin (bootstrap4-api): 4.5.3-1
bouncycastle API Plugin (bouncycastle-api): 2.18
Branch API Plugin (branch-api): 2.6.3
Build Timeout (build-timeout): 1.20
Checks API plugin (checks-api): 1.1.1
Cloud Statistics Plugin (cloud-stats): 0.25
Folders Plugin (cloudbees-folder): 6.15
Command Agent Launcher Plugin (command-launcher): 1.5
Copy Artifact Plugin (copyartifact): 1.45.3
Credentials Plugin (credentials): 2.3.14
Credentials Binding Plugin (credentials-binding): 1.24
Display URL API (display-url-api): 2.3.4
Docker Commons Plugin (docker-commons): 1.17
Docker API Plugin (docker-java-api): 3.1.5.2
Durable Task Plugin (durable-task): 1.35
ECharts API Plugin (echarts-api): 4.9.0-2
Email Extension Plugin (email-ext): 2.80
Font Awesome API Plugin (font-awesome-api): 5.15.1-1
Git plugin (git): 4.5.0
Git client plugin (git-client): 3.5.1
GIT server Plugin (git-server): 1.9
GitHub plugin (github): 1.32.0
GitHub API Plugin (github-api): 1.117
GitHub Branch Source Plugin (github-branch-source): 2.9.2
Gradle Plugin (gradle): 1.36
JavaScript GUI Lib: Handlebars bundle plugin (handlebars): 1.1.1
Jackson 2 API Plugin (jackson2-api): 2.12.0
Oracle Java SE Development Kit Installer Plugin (jdk-tool): 1.4
JQuery3 API Plugin (jquery3-api): 3.5.1-2
JSch dependency plugin (jsch): 0.1.55.2
JUnit Plugin (junit): 1.47
Kubernetes Continuous Deploy Plugin (kubernetes-cd): 2.3.1
LDAP Plugin (ldap): 2.2
Lockable Resources plugin (lockable-resources): 2.10
Mailer Plugin (mailer): 1.32.1
Matrix Authorization Strategy Plugin (matrix-auth): 2.6.4
Matrix Project Plugin (matrix-project): 1.18
JavaScript GUI Lib: Moment.js bundle plugin (momentjs): 1.1.1
OkHttp Plugin (okhttp-api): 3.14.9
PAM Authentication plugin (pam-auth): 1.6
Pipeline: Build Step (pipeline-build-step): 2.13
Pipeline: GitHub Groovy Libraries (pipeline-github-lib): 1.0
Pipeline Graph Analysis Plugin (pipeline-graph-analysis): 1.10
Pipeline: Input Step (pipeline-input-step): 2.12
Pipeline: Milestone Step (pipeline-milestone-step): 1.3.1
Pipeline: Model API (pipeline-model-api): 1.7.2
Pipeline: Declarative (pipeline-model-definition): 1.7.2
Pipeline: Declarative Extension Points API (pipeline-model-extensions): 1.7.2
Pipeline: REST API Plugin (pipeline-rest-api): 2.19
Pipeline: Stage Step (pipeline-stage-step): 2.5
Pipeline: Stage Tags Metadata (pipeline-stage-tags-metadata): 1.7.2
Pipeline: Stage View Plugin (pipeline-stage-view): 2.19
Plain Credentials Plugin (plain-credentials): 1.7
Plugin Utilities API Plugin (plugin-util-api): 1.6.1
Popper.js API Plugin (popper-api): 1.16.0-7
Resource Disposer Plugin (resource-disposer): 0.14
SCM API Plugin (scm-api): 2.6.4
Script Security Plugin (script-security): 1.75
Snakeyaml API Plugin (snakeyaml-api): 1.27.0
SSH Credentials Plugin (ssh-credentials): 1.18.1
SSH Build Agents plugin (ssh-slaves): 1.31.4
Structs Plugin (structs): 1.20
Timestamper (timestamper): 1.11.8
Token Macro Plugin (token-macro): 2.13
Trilead API Plugin (trilead-api): 1.0.13
Windows Azure Storage plugin (windows-azure-storage): 1.1.6
Pipeline (workflow-aggregator): 2.6
Pipeline: API (workflow-api): 2.40
Pipeline: Basic Steps (workflow-basic-steps): 2.23
Pipeline: Groovy (workflow-cps): 2.87
Pipeline: Shared Groovy Libraries (workflow-cps-global-lib): 2.17
Pipeline: Nodes and Processes (workflow-durable-task-step): 2.37
Pipeline: Job (workflow-job): 2.40
Pipeline: Multibranch (workflow-multibranch): 2.22
Pipeline: SCM Step (workflow-scm-step): 2.11
Pipeline: Step API (workflow-step-api): 2.23
Pipeline: Supporting APIs (workflow-support): 3.7
Workspace Cleanup Plugin (ws-cleanup): 0.38Using Jenkins 2.272 OS is Linux (Ubuntu 18.04 LTS) Web browser doesn;t matter Java version is OpenJDK 8 Plug-ins are: JavaScript GUI Lib: ACE Editor bundle plugin (ace-editor): 1.1 Ant Plugin (ant): 1.11 OWASP Markup Formatter Plugin (antisamy-markup-formatter): 2.1 Apache HttpComponents Client 4.x API Plugin (apache-httpcomponents-client-4-api): 4.5.10-2.0 Authentication Tokens API Plugin (authentication-tokens): 1.4 Azure Container Service Plugin (azure-acs): 1.0.3 Azure AD Plugin (azure-ad): 1.2.1 Azure App Service Plugin (azure-app-service): 1.0.1 Azure CLI Plugin (azure-cli): 0.9 Azure Commons Plugin (azure-commons): 1.0.5 Azure Container Agents Plugin (azure-container-agents): 1.2.0 Azure Container Registry Tasks Plugin (azure-container-registry-tasks): 0.6.4 Azure Credentials (azure-credentials): 4.0.5 Azure VM Agents (azure-vm-agents): 1.5.1 Common API for Blue Ocean (blueocean-commons): 1.24.3 REST API for Blue Ocean (blueocean-rest): 1.24.3 Bootstrap 4 API Plugin (bootstrap4-api): 4.5.3-1 bouncycastle API Plugin (bouncycastle-api): 2.18 Branch API Plugin (branch-api): 2.6.3 Build Timeout (build-timeout): 1.20 Checks API plugin (checks-api): 1.1.1 Cloud Statistics Plugin (cloud-stats): 0.25 Folders Plugin (cloudbees-folder): 6.15 Command Agent Launcher Plugin (command-launcher): 1.5 Copy Artifact Plugin (copyartifact): 1.45.3 Credentials Plugin (credentials): 2.3.14 Credentials Binding Plugin (credentials-binding): 1.24 Display URL API (display-url-api): 2.3.4 Docker Commons Plugin (docker-commons): 1.17 Docker API Plugin (docker-java-api): 3.1.5.2 Durable Task Plugin (durable-task): 1.35 ECharts API Plugin (echarts-api): 4.9.0-2 Email Extension Plugin (email-ext): 2.80 Font Awesome API Plugin (font-awesome-api): 5.15.1-1 Git plugin (git): 4.5.0 Git client plugin (git-client): 3.5.1 GIT server Plugin (git-server): 1.9 GitHub plugin (github): 1.32.0 GitHub API Plugin (github-api): 1.117 GitHub Branch Source Plugin (github-branch-source): 2.9.2 Gradle Plugin (gradle): 1.36 JavaScript GUI Lib: Handlebars bundle plugin (handlebars): 1.1.1 Jackson 2 API Plugin (jackson2-api): 2.12.0 Oracle Java SE Development Kit Installer Plugin (jdk-tool): 1.4 JQuery3 API Plugin (jquery3-api): 3.5.1-2 JSch dependency plugin (jsch): 0.1.55.2 JUnit Plugin (junit): 1.47 Kubernetes Continuous Deploy Plugin (kubernetes-cd): 2.3.1 LDAP Plugin (ldap): 2.2 Lockable Resources plugin (lockable-resources): 2.10 Mailer Plugin (mailer): 1.32.1 Matrix Authorization Strategy Plugin (matrix-auth): 2.6.4 Matrix Project Plugin (matrix-project): 1.18 JavaScript GUI Lib: Moment.js bundle plugin (momentjs): 1.1.1 OkHttp Plugin (okhttp-api): 3.14.9 PAM Authentication plugin (pam-auth): 1.6 Pipeline: Build Step (pipeline-build-step): 2.13 Pipeline: GitHub Groovy Libraries (pipeline-github-lib): 1.0 Pipeline Graph Analysis Plugin (pipeline-graph-analysis): 1.10 Pipeline: Input Step (pipeline-input-step): 2.12 Pipeline: Milestone Step (pipeline-milestone-step): 1.3.1 Pipeline: Model API (pipeline-model-api): 1.7.2 Pipeline: Declarative (pipeline-model-definition): 1.7.2 Pipeline: Declarative Extension Points API (pipeline-model-extensions): 1.7.2 Pipeline: REST API Plugin (pipeline-rest-api): 2.19 Pipeline: Stage Step (pipeline-stage-step): 2.5 Pipeline: Stage Tags Metadata (pipeline-stage-tags-metadata): 1.7.2 Pipeline: Stage View Plugin (pipeline-stage-view): 2.19 Plain Credentials Plugin (plain-credentials): 1.7 Plugin Utilities API Plugin (plugin-util-api): 1.6.1 Popper.js API Plugin (popper-api): 1.16.0-7 Resource Disposer Plugin (resource-disposer): 0.14 SCM API Plugin (scm-api): 2.6.4 Script Security Plugin (script-security): 1.75 Snakeyaml API Plugin (snakeyaml-api): 1.27.0 SSH Credentials Plugin (ssh-credentials): 1.18.1 SSH Build Agents plugin (ssh-slaves): 1.31.4 Structs Plugin (structs): 1.20 Timestamper (timestamper): 1.11.8 Token Macro Plugin (token-macro): 2.13 Trilead API Plugin (trilead-api): 1.0.13 Windows Azure Storage plugin (windows-azure-storage): 1.1.6 Pipeline (workflow-aggregator): 2.6 Pipeline: API (workflow-api): 2.40 Pipeline: Basic Steps (workflow-basic-steps): 2.23 Pipeline: Groovy (workflow-cps): 2.87 Pipeline: Shared Groovy Libraries (workflow-cps-global-lib): 2.17 Pipeline: Nodes and Processes (workflow-durable-task-step): 2.37 Pipeline: Job (workflow-job): 2.40 Pipeline: Multibranch (workflow-multibranch): 2.22 Pipeline: SCM Step (workflow-scm-step): 2.11 Pipeline: Step API (workflow-step-api): 2.23 Pipeline: Supporting APIs (workflow-support): 3.7 Workspace Cleanup Plugin (ws-cleanup): 0.38
Attempting to enable Azure Active Directory Matrix-based security prevents configurations from being modifiable. This is a problem for those that only want specific people in an Azure AD from accessing the Jenkins server.
To reproduce this problem do the following:
- Install Jenkins
- Setup a reverse proxy with HTTPS
- Install Azure AD plugin
- Enable Azure Active Directory Authentication
- Enable Azure Active Directory Matrix-based security to try to further restrict allowed users.
- Apply/Save. You should get an access denied since you were authenticated via Jenkin's database.
- Log back in with your Azure credentials
- Create a new item of any kind
- Try to Apply/Save a configuration.
If you repeat all the steps correctly, you'll end not seeing a green confirmation banner nor be redirected when clicking save.
Upon opening a configuration while having the Inspect window opened, the errors in the attached files appear
