[JIRA] [role-strategy-plugin] (JENKINS-34545) Assigning roles is case sensitive, and it shouldn't be

[chris.and.amy.shannon@gmail.com (JIRA)]

Christopher Shannon created an issue

Jenkins / JENKINS-34545 Assigning roles is case sensitive, and it shouldn't be Issue Type: Bug Assignee: Oleg Nenashev Components: role-strategy-plugin Created: 2016/May/02 9:07 PM Environment: Jenkins 1.646 Role-based Authorization Strategy 2.2.0 Labels: plugin plugins security Priority: Minor Reporter: Christopher Shannon Steps to reproduce: Create a user in Jenkins own user database with upper-case letters. Assign a role to this user, but use lower-case letters. Note that going back into Assign Roles shows the icon indicating that this user is valid. Note that this user does not have the appropriate role. Remove the previous role and assign the role to the user using upper-case letters. Note that the user now has the appropriate role. Since a user can login to their account in a case insensitive way, the role assignments should also be handled in a case insensitive way. Right now, it is very hard to figure out why roles are not working when the case is not matched between the role screen and the user database. Add Comment

This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265)

[David.W.Wise@mac.com (JIRA)]

David Wise commented on JENKINS-34545

Re: Assigning roles is case sensitive, and it shouldn't be I have the same issue. My Jenkins instance uses Security Realm of Active Directory, and Authorization of Role-Based Strategy. If the user does not use the same user ID case I use in Role Strategy, then they get the _missing the Overall/Read permission _error. As Active Directory does not care about case, my *workaround *is to enter 2 global and project entries for the user. One uppercase, DW12345, and one lowercase, dw12345. I could tell the user to use only lowercase, but then I would just get hassled by users who don't remember, or want an excuse to debate why we are moving to Jenkins. Love the plugin, as it works perfectly to control job visibility and read/write permissions. But the case sensitivity is an unnecessary pain.

Add Comment

This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c)

[David.W.Wise@mac.com (JIRA)]

David Wise edited a comment on JENKINS-34545

Re: Assigning roles is case sensitive, and it shouldn't be

I have the same issue.  My Jenkins instance uses Security Realm of Active Directory, and Authorization of Role-Based Strategy.  If the user does not use the same user ID case I use in Role Strategy, then they get the _missing "missing the Overall/Read permission _error " error .   As Active Directory does not care about case, my *workaround * WORKAROUND is to enter 2 global and project entries for the user.  One uppercase, DW12345, and one lowercase, dw12345.  I could tell the user to use only lowercase, but then I would just get hassled by users who don't remember, or want an excuse to debate why we are moving to Jenkins.  Love the plugin, as it works perfectly to control job visibility and read/write permissions.  But the case sensitivity is an unnecessary pain.

Add Comment

[o.v.nenashev@gmail.com (JIRA)]

Oleg Nenashev updated an issue

Jenkins / JENKINS-34545

Assigning roles is case sensitive, and it shouldn't be

Change By: Oleg Nenashev Issue Type: Bug New Feature

Add Comment

This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

[o.v.nenashev@gmail.com (JIRA)]

Oleg Nenashev commented on JENKINS-34545

Re: Assigning roles is case sensitive, and it shouldn't be https://github.com/jenkinsci/role-strategy-plugin/pull/43 BTW

Add Comment

[o.v.nenashev@gmail.com (JIRA)]

Oleg Nenashev assigned an issue to Unassigned

Unassigning the issue for now. We have added two Role Strategy plugin project ideas to GSoC 2019: https://jenkins.io/projects/gsoc/2019/project-ideas/. If somebody is interested in co-mentoring the ideas (including these tickets), please let us know

Jenkins / JENKINS-34545

Assigning roles is case sensitive, and it shouldn't be

Change By: Oleg Nenashev Assignee: Oleg Nenashev

Add Comment

[Daniel.Pasto@gmail.com (JIRA)]

D Pasto commented on JENKINS-34545

Re: Assigning roles is case sensitive, and it shouldn't be I verified the workaround of assigning the user multiple times to each role:  JoeUser, joeuser, Joeuser, JOEUSER It doesn't display right since the LDAP lookup doesn't like the duplication, and it wouldn't scale well, but it does work - I can login with the most common capitalization patterns and get the right permissions

Add Comment