Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-68655

Unexpected logout when using Crowd SSO

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Fix
    • Icon: Minor Minor
    • crowd2-plugin
    • None

      Hi,

      I'm not sure this really is a bug, but at least this is really unexpected behaviour when using Crowd SSO.

      We're using Crowd as an SSO solution for a lot of development tools (Jira, Confluence, Bitbucket, etc.). For Jenkins we're using the Crowd2 plugin. Jenkins is protected by matrix security.

      We do have users who don't have access to Jenkins at all. Whenever one of these users is calling Jenkins (e.g. he clicks on a Jenkins link on our landing page or in an email he got), he is explicitly logged out of the Crowd SSO. So when accessing e.g. Jira in the next step, he has to log in again.

      I think the problem is in CrowdRememberMeServices.loginFail(), where logout() is explicitly called. IMHO this shouldn't be the case, at least not if SSO is used.

      Cheers

      Thomas

            dumam Bartosz Nowak
            koellth Thomas
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: