Dear group,
since upgrading LTS from 1.532.1. to 1.532.2, the
commit
https://github.com/jenkinsci/jenkins/commit/5548b5220cfd496831b5721124189ff18fbb12a3
is active and breaks our existing authentication setup for remote scripts.
Jenkins is configured to use LDAP for human login users, and technical user
+ apiToken (+remote trigger token, but that's another story) for remote
scripts. Company rules prohibit creating technical LDAP user (password
expiration enforcement e.a.), i.e. the technical user is only visible
inside Jenkins. apiToken can be configured via
<jenkins-url>/user/<username>/config, fine so far.
The commit contains the following additional code:
Jenkins.getInstance().getSecurityRealm().loadUserByUsername(username);
At this point, a org.acegisecurity.userdetails.UsernameNotFoundException:
User <username> not found in directory. is thrown, i guess because the
technical user is verified against the regular LDAP directory instead of
local Jenkins user base. If this is a bug introduced in 1.532.2, i can
easily rollback, but if this is the desired behaviour from now on i need to
come up with another solution. We cannot use nor CLI neither SSHD, we
depend on the REST api.
Thoughts? Ideas?
Thanks in advance
Jochen
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
