Hey folks, Having a problem with triggering builds with authentication enabled and wondering if anyone has ideas. I have Global Security configured to use LDAP with "Project-based Matrix Authorization Strategy" enabled. The "Anonymous" user has the "Job > Build" privilege, and no other privileges (in particular, the "Anonymous" user does NOT have "Overall > Read" privilege, since I don't want everyone to be able to view the list of jobs and other general information).
I want an automated script to be able to trigger a build using the "Trigger Builds Remotely" feature, where I specify a "?token=[token]" value and the standard authentication should be bypassed, as long as the [token] value matches the one I set in the job's Configure page. The goal is to NOT need to provide a regular username/password in the request but simply provide the token for this specific job. The documentation seems to indicate this should work: https://wiki.jenkins-ci.org/display/JENKINS/Quick+and+Simple+Security So specifically, I am expecting this HTTP request to work: curl -i https://jenkinsHost/job/ProjectName/build?token=test But I get: [~]$ curl -i https://jenkinsHost/job/ProjectName/build?token=test HTTP/1.1 403 Forbidden Date: Sat, 27 Apr 2013 23:17:03 GMT Server: Winstone Servlet Engine v0.9.10 Content-Type: text/html;charset=UTF-8 Content-Length: 629 X-Powered-By: Servlet/2.5 (Winstone/0.9.10) Set-Cookie: JSESSIONID.e9bc4765=e1f0a30b9f04b3740bae527a7822b2d5; Path=/; HttpOnly Connection: close <html><head><meta http-equiv='refresh' content='1;url=/login?from=%2Fjob%2FProjectName%2Fbuild%3Ftoken%3Dtest'/> <script> window.location.replace('/login?from=%2Fjob%2FProjectName%2Fbuild%3Ftoken%3Dtest');</script> </head> <body style='background-color:white; color:white;'> Authentication required </body></html> When I DO use API authentication, the request works: curl -i --username "test_user:API_KEY" https://hostname/job/ProjectName/build?token=test But again, according to the documentation I think it is supposed to bypass the global authentication if ?token is present and matches the project token I configure. Why is this not working? What other information/logs can I provide? I have filed an issue on Jenkins JIRA, but wanted to ping this group as well to see if anyone has ideas. Issue is at: https://issues.jenkins-ci.org/browse/JENKINS-17764 Thanks for your help, Stuart -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
