[JIRA] (JENKINS-52701) SAML Auth Provider doesn't allow api tokens to authenticate

7 views
Skip to first unread message

james.sharpe@zenotech.com (JIRA)

unread,
Jul 23, 2018, 6:06:01 AM7/23/18
to jenkinsc...@googlegroups.com
James Sharpe created an issue
 
Jenkins / Bug JENKINS-52701
SAML Auth Provider doesn't allow api tokens to authenticate
Issue Type: Bug Bug
Assignee: Ivan Fernandez Calvo
Components: saml-plugin
Created: 2018-07-23 10:05
Labels: api
Priority: Major Major
Reporter: James Sharpe
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.10.1#710002-sha1:6efc396)

james.sharpe@zenotech.com (JIRA)

unread,
Jul 23, 2018, 6:07:01 AM7/23/18
to jenkinsc...@googlegroups.com
James Sharpe updated an issue
Change By: James Sharpe
Using an API token configured for a user doesn't allow access to the api e.g. accessing https://user:apitoken@jenkins/crumbIssuer/api/json causes a redirect to the saml auth provider instead of authenticating with the users apitoken.

ifernandezcalvo@cloudbees.com (JIRA)

unread,
Jul 23, 2018, 6:17:02 AM7/23/18
to jenkinsc...@googlegroups.com

james.sharpe@zenotech.com (JIRA)

unread,
Jul 23, 2018, 6:18:01 AM7/23/18
to jenkinsc...@googlegroups.com

1.0.7

ifernandezcalvo@cloudbees.com (JIRA)

unread,
Jul 23, 2018, 6:19:01 AM7/23/18
to jenkinsc...@googlegroups.com
Which version of core and SAML plugin are you using? it should work on version upper than 0.14

ifernandezcalvo@cloudbees.com (JIRA)

unread,
Jul 23, 2018, 6:22:01 AM7/23/18
to jenkinsc...@googlegroups.com

and Jenkins core?

james.sharpe@zenotech.com (JIRA)

unread,
Jul 23, 2018, 6:23:01 AM7/23/18
to jenkinsc...@googlegroups.com

2.133 for Jenkins Core

james.sharpe@zenotech.com (JIRA)

unread,
Jul 23, 2018, 6:32:01 AM7/23/18
to jenkinsc...@googlegroups.com

I've just regenerated the tokens under a user that authenticates with saml and it works now. The user for which it was failing was a user that wouldn't be authenticated via saml and was probably using a legacy api token.

ifernandezcalvo@cloudbees.com (JIRA)

unread,
Jul 23, 2018, 6:35:01 AM7/23/18
to jenkinsc...@googlegroups.com

so it is resolved, right?

james.sharpe@zenotech.com (JIRA)

unread,
Jul 23, 2018, 6:39:01 AM7/23/18
to jenkinsc...@googlegroups.com

Yes, sorry for the noise

ifernandezcalvo@cloudbees.com (JIRA)

unread,
Jul 23, 2018, 7:26:01 AM7/23/18
to jenkinsc...@googlegroups.com
Change By: Ivan Fernandez Calvo
Status: Open Fixed but Unreleased
Resolution: Not A Defect

vinay.prasad@gmail.com (JIRA)

unread,
Nov 27, 2019, 3:06:04 AM11/27/19
to jenkinsc...@googlegroups.com
Change By: Vinay B
Resolution: Not A Defect
Status: Fixed but Unreleased Reopened
This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)
Atlassian logo

vinay.prasad@gmail.com (JIRA)

unread,
Nov 27, 2019, 3:07:23 AM11/27/19
to jenkinsc...@googlegroups.com
Vinay B commented on Bug JENKINS-52701
 
Re: SAML Auth Provider doesn't allow api tokens to authenticate

I'm facing the same issue. Its redirecting to the SAML Auth Provider instead of authenticating with the username and api token. Am on 2.179

info@xecurify.com (JIRA)

unread,
Nov 27, 2019, 3:09:24 AM11/27/19
to jenkinsc...@googlegroups.com
info miniorange assigned an issue to info miniorange
 
Change By: info miniorange
Assignee: Ivan Fernandez Calvo info miniorange

info@xecurify.com (JIRA)

unread,
Nov 27, 2019, 3:10:19 AM11/27/19
to jenkinsc...@googlegroups.com
info miniorange assigned an issue to Ivan Fernandez Calvo
Change By: info miniorange
Assignee: info miniorange Ivan Fernandez Calvo

kuisathaverat@gmail.com (JIRA)

unread,
Nov 27, 2019, 6:02:02 AM11/27/19
to jenkinsc...@googlegroups.com
Ivan Fernandez Calvo closed an issue as Fixed
 

Vinay B see the James comments, the user has to login at least once to grab the groups and create the user, also it should be a SAML real user.

Change By: Ivan Fernandez Calvo
Status: Reopened Closed
Resolution: Fixed
Reply all
Reply to author
Forward
0 new messages