Details

    • Similar Issues:

      Description

      With Jenkins 2.107.3 the security fix SECURITY-786 was implemented. This allows only the following chars in username:

      User name must only contain alphanumeric characters, underscore and dash

      We use mail adresses as username in our Jenkins installation, so I would like to modify this behaviour.

      To override this behaviour I added the system property 
      hudson.model.HudsonPrivateSecurityRealm.ID_REGEX
      like descript in the docs. Unfortunately this property is ignored.{{}}

      I tested different regex patterns but even the simple example (see attachment) didnt work.

      Here is the full docker run command:{{}}

       

      // code placeholder
      $ docker run --restart=always -v /home/ubuntu/jenkins_home2:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock -v $(which docker):/bin/docker -u 1000:116 -p 9101:8080 -p 50001:50001 --name stage-jenkins -e "http_proxy=http://172.17.0.1:8888" -e "https_proxy=http://172.17.0.1:8888" --env JAVA_OPTS=-Dhudson.model.HudsonPrivateSecurityRealm.ID_REGEX=[a-z][a-z]+ -d jenkins/jenkins:lts

       

      The final regex pattern would be this one:

      --env JAVA_OPTS=-Dhudson.model.HudsonPrivateSecurityRealm.ID_REGEX=[a-zA-Z][a-zA-Z0-9_.@-]+{{}}
       

        Attachments

          Activity

          Hide
          buga Hans Buga added a comment -

          I found the solution in INFRA-1635.

          The documentation is wrong. The property is:

          hudson.security.HudsonPrivateSecurityRealm.ID_REGEX

          Show
          buga Hans Buga added a comment - I found the solution in INFRA-1635 . The documentation is wrong. The property is: hudson.security.HudsonPrivateSecurityRealm.ID_REGEX
          Hide
          hotdogwang Luke Wang added a comment -

          Hi, 

          I got the same issue on 2.155

          If I don't using the Jenkins as container.

          How do I change the config in hudson.security.HudsonPrivateSecurityRealm.ID_REGEX ?
           

          Show
          hotdogwang Luke Wang added a comment - Hi,  I got the same issue on  2.155 If I don't using the Jenkins as container. How do I change the config in  hudson.security.HudsonPrivateSecurityRealm.ID_REGEX ?  
          Hide
          jeeook Jiuk Jeong added a comment - - edited

          Hi, Luke Wang

          /etc/default/jenkins

          #Allow graphs etc. to work even when an X server is present
          JAVA_ARGS="-Dhudson.security.HudsonPrivateSecurityRealm.ID_REGEX=[a-zA-Z0-9_.@-]+"

          Show
          jeeook Jiuk Jeong added a comment - - edited Hi, Luke Wang /etc/default/jenkins #Allow graphs etc. to work even when an X server is present JAVA_ARGS="-Dhudson.security.HudsonPrivateSecurityRealm.ID_REGEX= [a-zA-Z0-9_.@-] +"

            People

            • Assignee:
              hotdogwang Luke Wang
              Reporter:
              buga Hans Buga
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: