conflict user vs group name

2020-01-30 Thread Harald Dunkel
Hi folks, using matrix-based security I tried to define permissions for group "department_a", but apparently it added the permissions only for the *user* with this name. Adding a second "department_a" to get the group this time was rejected. Directory service is LDAP. Every helpful comment is

Re: Role-based Authorization Strategy Plugin groups not working

2020-01-30 Thread Shaun Megaw
Fixed. Case sensitive group names. Copied from the /whoAmI/ suffix and working. Thanks for the help On Thursday, January 30, 2020, 'Lagerburg Tim (RBRO/ESA2)' via Jenkins Users wrote: > Sorry, I meant does it return the groups the user is a member of > > *From:* jenkinsci-users@googlegroups.com

Re: Role-based Authorization Strategy Plugin groups not working

2020-01-30 Thread Shaun Megaw
Yes, if I add the suffix /whoAmI/ to my Jenkins url I can see the groups my user belongs to. All the other users in that group have no permissions (I added my user to admin role to configure Jenkins On Thursday, January 30, 2020, 'Lagerburg Tim (RBRO/ESA2)' via Jenkins Users wrote: > Sorry, I me

RE: Role-based Authorization Strategy Plugin groups not working

2020-01-30 Thread 'Lagerburg Tim (RBRO/ESA2)' via Jenkins Users
Sorry, I meant does it return the groups the user is a member of From: jenkinsci-users@googlegroups.com On Behalf Of Shaun Megaw Sent: 30 January 2020 20:06 To: jenkinsci-users@googlegroups.com Subject: Re: Role-based Authorization Strategy Plugin groups not working Thank you fort he reply. The

Re: Role-based Authorization Strategy Plugin groups not working

2020-01-30 Thread Shaun Megaw
Thank you fort he reply. The users don return. If I use employee numbers it is even able to resolve the names, On Thursday, January 30, 2020, 'Lagerburg Tim (RBRO/ESA2)' via Jenkins Users wrote: > Hello, > > If you test the LDAP settings, does it return a list of users the user you > used to tes

RE: Role-based Authorization Strategy Plugin groups not working

2020-01-30 Thread 'Lagerburg Tim (RBRO/ESA2)' via Jenkins Users
Hello, If you test the LDAP settings, does it return a list of users the user you used to test (use the test function inside the LDAP config) the user is a member of? ​ -Original Message- From: jenkinsci-users@googlegroups.com On Behalf Of Shaun Megaw Sent: 30 January 2020 12:56 To: J

PROPOSAL: Remove network discovery services

2020-01-30 Thread Jeff Thompson
Hi, Dating back many years, Jenkins has supported two network discovery services (UDP multicast/broadcast and DNS multicast). When this was first implemented this may have been a reasonable way to provide useful lookup services. With modern Jenkins capabilities, networks, and security conside

Re: Problems with saml-plugin

2020-01-30 Thread Ivan Fernandez Calvo
wrong URL, the good one is https://YOUR_JENKINS_URL/logout El jueves, 30 de enero de 2020, 16:47:59 (UTC+1), Ivan Fernandez Calvo escribió: > > as a workaround, you can set the logout URL to > "http://YOUR_JENKINS_URL/securityRealm/finishLogin"; this will invalidate > the HTTP session for Jenki

Re: Problems with saml-plugin

2020-01-30 Thread Ivan Fernandez Calvo
as a workaround, you can set the logout URL to " http://YOUR_JENKINS_URL/securityRealm/finishLogin " this will invalidate the HTTP session for Jenkins but not the SAML token -- You received this message because you are subscribed to the Goog

Re: Problems with saml-plugin

2020-01-30 Thread Ivan Fernandez Calvo
The error you show come from the IdP, Jenkins only make an HTTP redirection to the URL that it is in the configuration, for some reason your IdP tell that the request is incorrect, my guess it is that your IdP does not implement this logout service by HTTP-redirect, or it needs some parameters

Re: Jenkins Integration with LDAP -- Issue

2020-01-30 Thread Shaun Megaw
I had the same issue. what fixed it for me was filling in the "User search filter" field I added (&(objectCategory=person)(sAMAccountName={0})) On Tuesday, January 21, 2020 at 12:29:34 AM UTC+2, gaurav gundal wrote: > > Hi Everyone, > > > I am trying to configure Jenkins with the ldap,but I a

Role-based Authorization Strategy Plugin groups not working

2020-01-30 Thread Shaun Megaw
Hi I have setup Role-based Authorization Strategy Plugin. If I select users it works, however if I select our AD groups, users on that group have no permissions In Global roles, I add the group, and can see t has the group icon to the right, and ticked it's access rights (admin), however users on

Re: Problems with saml-plugin

2020-01-30 Thread Marcin Szymański
> > Hi Ivan, > Thanks for reply. This is how look like my SingleLogoutService section in IdP metadata. I treid also by setting Logout URL in jenkins - same results :/ My settings from Keycloak: *Login Service Redirect Binding URL - * https:///securityRealm/finishLogin -- You received this

Re: Problems with saml-plugin

2020-01-30 Thread Marcin Szymański
Hi Ivan, Thanks for reply. This is how look like my SingleLogoutService section in IdP metadata. I tried also by setting Logout URL in jenkins - same results :/ My setting from Keycloak: *Login Service Redirect Binding URL* https://idesuite-test.hlb.helaba.de/jenkins/securityRealm/finishLogi