Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-6377

Hudson Enforcing Unusual Case-Sensitivity for Login

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Duplicate
    • Component/s: _unsorted
    • Labels:
      None
    • Environment:
      Hudson 1.355 in Tomcat 5.5 running on Windows Server 2003, JRE 1.6, Hudson Active Directory plugin 1.16.
    • Similar Issues:

      Description

      Under Manage Hudson/Configure System/"Security Realm" I've selected "Active Directory". Hudson is leveraging our organization's Active Directory for user authentication.

      Under "Authorization" I use "Project-based Matrix Authorization Strategy".

      If I log in as "william_leara", everything is fine. If I log in as "William_Leara", I am allowed to log in, but I am missing all permissions specific to me. (e.g. configure slave, configure job, start a build, etc.) It looks like I'm getting "Anonymous" permissions.

      Active Directory is not case-sensitive, so I would expect either "william_leara" or "William_Leara" to work. But the permissions need to be consistent. Alternatively, if there were a technical reason you needed to enforce case-sensitivity, you should disallow "William_Leara" from logging in. It seems broken to me to allow the user to log in, but not grant him his permissions.

        Attachments

          Issue Links

            Activity

            Hide
            garethbowles garethbowles added a comment -

            This also applies to groups; if I define a group MyGroup in AD, any variation on the case of the group name (mygroup, MyGroup), Mygroup, etc.) is recognized in the security configuration as a valid group, but the permissions only work if I'm a member of MyGroup.

            Show
            garethbowles garethbowles added a comment - This also applies to groups; if I define a group MyGroup in AD, any variation on the case of the group name (mygroup, MyGroup), Mygroup, etc.) is recognized in the security configuration as a valid group, but the permissions only work if I'm a member of MyGroup.
            Hide
            andreas_sandberg Andreas Sandberg added a comment -

            Still not resolved using Jenkins 1.473 and the Jenkins Active Directory plugin.

            Show
            andreas_sandberg Andreas Sandberg added a comment - Still not resolved using Jenkins 1.473 and the Jenkins Active Directory plugin.
            Show
            cforce cforce added a comment - Please fix, there so many different requests! Related/Dupe to https://issues.jenkins-ci.org/browse/JENKINS-3218 https://issues.jenkins-ci.org/browse/JENKINS-6377 https://issues.jenkins-ci.org/browse/JENKINS-4354 https://issues.jenkins-ci.org/browse/JENKINS-4354 https://issues.jenkins-ci.org/browse/JENKINS-4550 https://issues.jenkins-ci.org/browse/JENKINS-5436
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            @Jesse
            the issue could be closed as a duplicate, because Stephen provides the case-insensitive strategy in JENKINS-22247 together with main PR

            Show
            oleg_nenashev Oleg Nenashev added a comment - @Jesse the issue could be closed as a duplicate, because Stephen provides the case-insensitive strategy in JENKINS-22247 together with main PR
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Fixed in 1.566+. See JENKINS-22247

            Show
            oleg_nenashev Oleg Nenashev added a comment - Fixed in 1.566+. See JENKINS-22247

              People

              • Assignee:
                kohsuke Kohsuke Kawaguchi
                Reporter:
                williamleara williamleara
              • Votes:
                4 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: