Loading...

XML

Word

Printable

Type: Bug
Resolution: Duplicate
Priority: Major
Component/s: _unsorted
Labels:
None
Environment:
Debian 5.0.6 / 1.132 / tomcat 5.5.26-5

Similar Issues:

Show

Hi,

I'm using servlet container authentication with matrix based security. Three roles are defined: hudson-admin, hudson-dev and anonymous. hudson-admins have full access but hudson-devs can only trigger builds.

Everything is fine with hudson-admins. My issue is that I get a 403 when I try to authenticate with an hudson-dev (on https://hudson/loginEntry?from=/ ). But if I go to https://hudson/ then I'm successfully connected. It seems that something is wrong with access rights to /loginEntry.

Tomcat configuration:
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="tomcat"/>
<role rolename="admin"/>
<role rolename="hudson-dev"/>
<role rolename="hudson-admin"/>
<user username="dev1" password="pass" roles="hudson-dev"/>
<user username="hudson-admin" password="pass" roles="hudson-admin"/>
</tomcat-users>

Hudson security configuration:
<useSecurity>true</useSecurity>
<authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
<permission>hudson.model.Computer.Configure:hudson-admin</permission>
<permission>hudson.model.Computer.Delete:hudson-admin</permission>
<permission>hudson.model.Hudson.Administer:hudson-admin</permission>
<permission>hudson.model.Hudson.Read:anonymous</permission>
<permission>hudson.model.Hudson.Read:hudson-admin</permission>
<permission>hudson.model.Hudson.Read:hudson-dev</permission>
<permission>hudson.model.Item.Build:hudson-admin</permission>
<permission>hudson.model.Item.Build:hudson-dev</permission>
<permission>hudson.model.Item.Configure:hudson-admin</permission>
<permission>hudson.model.Item.Create:hudson-admin</permission>
<permission>hudson.model.Item.Delete:hudson-admin</permission>
<permission>hudson.model.Item.Read:anonymous</permission>
<permission>hudson.model.Item.Read:hudson-admin</permission>
<permission>hudson.model.Item.Read:hudson-dev</permission>
<permission>hudson.model.Item.Workspace:hudson-admin</permission>
<permission>hudson.model.Item.Workspace:hudson-dev</permission>
<permission>hudson.model.Run.Delete:hudson-admin</permission>
<permission>hudson.model.Run.Update:hudson-admin</permission>
<permission>hudson.model.View.Configure:hudson-admin</permission>
<permission>hudson.model.View.Configure:hudson-dev</permission>
<permission>hudson.model.View.Create:hudson-admin</permission>
<permission>hudson.model.View.Create:hudson-dev</permission>
<permission>hudson.model.View.Delete:hudson-admin</permission>
</authorizationStrategy>

duplicates

JENKINS-4728 403 on login using container security

Open

Assignee:: Unassigned

Reporter:: cmathieu

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2010-10-11 02:17

Updated:: 2017-04-15 23:15

Resolved:: 2014-05-29 04:20

Details

Description

Attachments

Issue Links

Activity

People

Dates