Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-60176

Groups are not working | SAML | Authorization Matrix

    Details

    • Similar Issues:

      Description

      When we create a group in authorization-based matrix and assine an EMAIL address/User to a group

       

      Using the same Group in Pipeline Input with permissions

       

      It Just prompt with error message 

       

      You are not the member of "TEST Group"

        Attachments

        1. 1.png
          1.png
          24 kB
        2. 1.png
          1.png
          86 kB
        3. 2.png
          2.png
          60 kB
        4. 2.png
          2.png
          83 kB
        5. 3.png
          3.png
          79 kB
        6. image-2019-11-14-23-07-36-764.png
          image-2019-11-14-23-07-36-764.png
          63 kB
        7. image-2019-12-03-19-42-11-938.png
          image-2019-12-03-19-42-11-938.png
          97 kB
        8. image-2019-12-03-19-42-54-249.png
          image-2019-12-03-19-42-54-249.png
          97 kB
        9. image-2019-12-03-19-43-17-429.png
          image-2019-12-03-19-43-17-429.png
          39 kB
        10. image-2019-12-03-19-44-08-344.png
          image-2019-12-03-19-44-08-344.png
          72 kB
        11. image-2019-12-03-19-44-59-440.png
          image-2019-12-03-19-44-59-440.png
          116 kB
        12. image-2019-12-03-19-46-03-659.png
          image-2019-12-03-19-46-03-659.png
          83 kB
        13. image-2019-12-03-19-46-41-526.png
          image-2019-12-03-19-46-41-526.png
          20 kB
        14. OKTA_1.jpg
          OKTA_1.jpg
          18 kB

          Issue Links

            Activity

            Hide
            ifernandezcalvo Ivan Fernandez Calvo added a comment - - edited

            Did you set up the correct group attribute in the SAML configuration? Did you check if the groups are assigned to the users? Go to people to one of the users, then to configure and check at the end of the page the groups grabbed from SAML

            This Jira is not a support site if you have questions please use the google groups, see https://wiki.jenkins.io/display/JENKINS/How+to+report+an+issue

            Show
            ifernandezcalvo Ivan Fernandez Calvo added a comment - - edited Did you set up the correct group attribute in the SAML configuration? Did you check if the groups are assigned to the users? Go to people to one of the users, then to configure and check at the end of the page the groups grabbed from SAML This Jira is not a support site if you have questions please use the google groups, see https://wiki.jenkins.io/display/JENKINS/How+to+report+an+issue
            Hide
            daljit_in Daljit singh added a comment -

            Please Find the attached Files where the Issue is still persisting 

             

            Will share the Version as well

            Show
            daljit_in Daljit singh added a comment - Please Find the attached Files where the Issue is still persisting    Will share the Version as well
            Hide
            daljit_in Daljit singh added a comment -

            Show
            daljit_in Daljit singh added a comment -
            Hide
            ifernandezcalvo Ivan Fernandez Calvo added a comment -

            This is not an issue is a configuration problem, please use the google groups to ask questions

            Show
            ifernandezcalvo Ivan Fernandez Calvo added a comment - This is not an issue is a configuration problem, please use the google groups to ask questions
            Hide
            daljit_in Daljit singh added a comment -

            I have tried all the ways as per my documentations

             

            Jenkins: SAML Settings

            ++ Settings

            Role based

             

            Created a Global Role

             

            Now Assigned Global role to an OKTA Group the same name group exist in OKTA

             

             

            Okta setting as per Okta portal:

            Test User who can access OKTA application

             

             

             

            Group settings in Okta

             

            But after doing this all the groups are not resolving by Jenkins as the issue remains on the Jenkins Input based Job 

            but If I write the Email address in Jenkins file it works perfectly fine 

            as authentication with OKTA is happening perfectly fine

            but the Group based strategy is not working

             

            as the SAML inspect response in Browser is not showing the group payload is not coming as well.

             

            followed later this document :

            https://dev.to/setevoy/jenkins-saml-authentication-via-okta-and-users-groups-2koh

             

            and in last slide it's not showing the icon in front of DevOps Group name. Not Sure.

             

            Show
            daljit_in Daljit singh added a comment - I have tried all the ways as per my documentations   Jenkins: SAML Settings ++ Settings Role based   Created a Global Role   Now Assigned Global role to an OKTA Group the same name group exist in OKTA     Okta setting as per Okta portal: Test User who can access OKTA application       Group settings in Okta   But after doing this all the groups are not resolving by Jenkins as the issue remains on the Jenkins Input based Job  but If I write the Email address in Jenkins file it works perfectly fine  as authentication with OKTA is happening perfectly fine but the Group based strategy is not working   as the SAML inspect response in Browser is not showing the group payload is not coming as well.   followed later this document : https://dev.to/setevoy/jenkins-saml-authentication-via-okta-and-users-groups-2koh   and in last slide it's not showing the icon in front of DevOps Group name. Not Sure.  
            Hide
            ifernandezcalvo Ivan Fernandez Calvo added a comment -

            This Jira is not a support site if you have questions please use the google groups, see https://wiki.jenkins.io/display/JENKINS/How+to+report+an+issue

            Show
            ifernandezcalvo Ivan Fernandez Calvo added a comment - This Jira is not a support site if you have questions please use the google groups, see https://wiki.jenkins.io/display/JENKINS/How+to+report+an+issue

              People

              • Assignee:
                ifernandezcalvo Ivan Fernandez Calvo
                Reporter:
                daljit_in Daljit singh
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: