Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-41914

Basic authentication with group membership strategy and FreeIPA

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      We use kerberos-sso, ldap plugin, and role strategy for authentication and authorization.

      A freeipa is configured as ldap server.

      Authorization work well with kerberos login. However, with basic authentication, ldap plugin doesn't return indirect groups of user for authorization.

      Attached files:
      test.groovy: script for check return authorities of login
      ldap-plugin.conf: a part of ldap plugin config
      0001-Fix-bug-basic-authentication-can-t-work-with-group-m.patch: a temporary solution

        Attachments

          Activity

          Hide
          olivergondza Oliver Gondža added a comment -

          I am wondering how kerberos plugin is involved. Coincidentally, the basic auth is not handled by kerberos-sso. Do I understand correctly the permissions are correct when kerberos negotiation is used but "wrong" when basic auth is used?

          [1] https://issues.jenkins-ci.org/browse/JENKINS-38687

          Show
          olivergondza Oliver Gondža added a comment - I am wondering how kerberos plugin is involved. Coincidentally, the basic auth is not handled by kerberos-sso. Do I understand correctly the permissions are correct when kerberos negotiation is used but "wrong" when basic auth is used? [1] https://issues.jenkins-ci.org/browse/JENKINS-38687

            People

            • Assignee:
              t_westling Tomas Westling
              Reporter:
              ptt_mt0003 Toan Pham
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: