Hi. I have the following problem: I set up security to delegate to the container, and use security matrix. Anonymous has no rights at all (all checkboxes are unchecked), and I added one more user, 'admin', with all rights. Admin has the 'admin' role in tomcat-users.xml. I also created a user 'test' with the same roles as admin to make sure the problem is not related to the fact that the username and role are the same - seems not to be the case, it doesn't work anyways.

Now, when go to my jenkins URL, I need to log in, I can't even see any project, which is nice and what I would like to have. However, when I log in, i just get redirected to the login page again. For example, I go to:
http://mydomain:8080/jenkins
and the URL that gets shown is:
http://mydomain:8080/jenkins/loginEntry?from=%2Fjenkins%2F
then I attempt to log in, and just get redirected to the same page.

What is very strange: sometimes, after I restart tomcat, I can login in, then I close the browser (logging out doesn't matter here), open it again, and the problem occurs. This happens in google-chrome and in IE9, works fine in Firefox - that makes is very misterious.

I kind of fixed this by adding a Read permission under Overall for anonymous. This is not the best, as anonymous can still read build history and see people and so on..

Setting this as a blocker, as my company's policy is rather paranoid, and they don't want unauthorized people to see anything, like the committers in the people link or the build history, which are available with the 'fix' mentioned above. Also, pretty much everybody user either IE, or chrome.