-
Bug
-
Resolution: Fixed
-
Critical
-
None
-
ASF Hudson installation, Hudson 1.372, Tomcat 6, running against LDAP
In our Hudson installation, user are authenticated using LDAP. Regular users gets assigned what we call job admin (using a group for this purpose in LDAP), meaning they can administer jobs, but not access the Manage Hudson pieces. However, several users have reported that the intermittently get elevated access, being able to access Manage Hudson. When this happens, the user name in the upper right corner will say "SYSTEM". This happens on refreshing the Hudson web GUI. Users have tried logging out and login using the regular user, which have gotten them back into their expected access rights.
Marking this as critical as it gives users elevated access.
Let me know if there is anything further I can assist in, for example involving our LDAP setup.
Given the behavior we're seeing with this happening on project configuration saving, an often when the save times-out, you're description seems likely. Given this is a frequent problem for our ASF installation, having a fix for this would be most appreciated.