Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-38034

SAML Plugin does not load groups when access with API Token

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Component/s: saml-plugin
    • Labels:
    • Environment:
      Core 1.651
      SAML Plugin 0.6
    • Similar Issues:

      Description

      If you access with a user with a REST Call and API token all the Authorizations grups that are obtained from SAML does not apply.
      You have a user JohnDoe, this user have administrator group assigned in SAML, when you have to access with a REST call and the API token of this user to restart the instance, Jenkins return you and a 403 error unauthorize because you do not have overall/administer, that is incorrect you are in administrator group and role and have overall/administer permission.

      curl -X POST -u USER:APITOKEN http://server.example.com/safeRestart

        Attachments

          Issue Links

            Activity

            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Ivan Fernandez Calvo
            Path:
            src/main/java/org/jenkinsci/plugins/saml/SamlSecurityRealm.java
            src/main/java/org/jenkinsci/plugins/saml/user/LoginDetailsProperty.java
            src/main/resources/org/jenkinsci/plugins/saml/user/LoginDetailsProperty/config.jelly
            http://jenkins-ci.org/commit/saml-plugin/3ebcd66a34890efbcc494109493e42e89643e5f3
            Log:
            JENKINS-38034 SAML Plugin does not load groups when access with API Token (#23)

            • fire loggedIn event when the user is logged to save the jenkins.security.LastGrantedAuthoritiesProperty
            • change to attributes names in JEXL
            • save properties only if the SamlSecurityRealm is configured
            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Ivan Fernandez Calvo Path: src/main/java/org/jenkinsci/plugins/saml/SamlSecurityRealm.java src/main/java/org/jenkinsci/plugins/saml/user/LoginDetailsProperty.java src/main/resources/org/jenkinsci/plugins/saml/user/LoginDetailsProperty/config.jelly http://jenkins-ci.org/commit/saml-plugin/3ebcd66a34890efbcc494109493e42e89643e5f3 Log: JENKINS-38034 SAML Plugin does not load groups when access with API Token (#23) fire loggedIn event when the user is logged to save the jenkins.security.LastGrantedAuthoritiesProperty change to attributes names in JEXL save properties only if the SamlSecurityRealm is configured
            Hide
            ifernandezcalvo Ivan Fernandez Calvo added a comment -

            released on SAML Plugin 0.14

            Show
            ifernandezcalvo Ivan Fernandez Calvo added a comment - released on SAML Plugin 0.14

              People

              • Assignee:
                ifernandezcalvo Ivan Fernandez Calvo
                Reporter:
                ifernandezcalvo Ivan Fernandez Calvo
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: