-
Improvement
-
Resolution: Unresolved
-
Major
-
None
When using OpenID in SSO mode it should be possible to send a user-specific OpenID URL (instead of a fixed URL from the configuration settings the user could be requested to provide one when logging in).
We want to use 'OpenID SSO' with a 'Provider URL' directing to our internal OpenID Server (based on Crowd). This OpenID provider does not support one OpenID URL for all users.
At the Moment it is just possible to associate one user-specific OpenID URL in the Configuration. But with this Configuration only this user can login to Jenkins via OpenID. Other Users get an error from the OpenID-Server:
"A request has been made to authenticate an OpenID identifier, different from the one you are logged in as. To use a different OpenID, log out and log in as a different user."
When you say "based on Crowd" is it Crowd or is it not?
The plugin attempts to first treat the given URL as an OpenID and tries to find an endpoint. Failing that it assumes that the URL given is an endpoint itself.
Maybe Crowd advertises a different endpoint URL for each user account? If so, maybe you'd just have to specify the proper OpenID endpoint URL that's not tied to a particular user?