Jenkins user shows with 'Red Stop Sign' in security configuration

[Ioannis Moutsatsos]

We are using matrix security configuration (Jenkins  v 1.532 LTS on Windows)

Recently a user 'self-signed' for an account, and when I tried to setup his security configuration he is the only one in the user list appearing with a red stop sign before his user name. 

What does that mean? Is there something I'm missing? I've setup several other users in the past with no issues.

I have reloaded the Jenkins configuration from disk but did not make any difference.

Thanks in advance for any feedback you may have.

Ioannis

[Stephen Connolly]

Are you sure you have matched the username case exactly?

The great "fun" is that people have assumed:

* that usernames are case insensitive - WRONG: try *any* unix OS

* that email addresses are case insensitive - WRONG: read the RFC, the DNS name is case insensitive, but the bit *before* the @ _may_or_may_not_ be case sensitive, only the server that holds the mailbox knows the answer.

Now sane system admins on unix systems only use lowercase usernames because it creates less problems.

Since this is the typical policy, most mailbox servers are configured to match ignoring case.

Similarly, LDAP directory servers default schema relies on an email attribute that is specified as case insensitive.

Thus in 99% of cases usernames are case insensitive in the real world... However with over 70000 Jenkins installations you could expect perhaps 700 +/- sqrt(700)*2 of them to be facing case sensitivity issues.

Yet there is an army of devs for Jenkins that have been submitting bugs and fixes to make Jenkins case insensitive.

I gave an open pull request to make case sensitivity configurable, but until then you are in a limbo-land with regards to case sensitivity.

The biggest source of issues is Active Directory servers in larger organisations where there was a consolidation of different directory servers due to mergers and acquisitions... You have some users with email address reported as John...@acme.com, others as JOHN...@ACME.COM, and others as john...@acme.com. The users normally just type in their username in lowercase so may not be aware of how their username is being reported from AD (unless they go to the JENKINS_URL/whoAmI page).

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
Sent from my phone

[Ioannis Moutsatsos]

Thanks Steve;

Although I'm running Jenkins on Windows and I'm not using LDAP for authentication, I think your observation was in fact correct!

After adding the user name in all lower case in the security matrix and asking the user to re-register with an lower case username the 'Red Stop Sign' disappeared and the user is now able to build Jenkins jobs

Originally, the user had used a mixed case user name which was probably not preserved in a similar way across the entire Jenkins system and the Windows file system

Thanks for the helpful points!

Best regards

Ioannis

To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscribe@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[neethu shaju]

Hi 

I have tried adding the user with all lower case but it is still showing red stop sign.

Thanks.

[ktpen...@gmail.com]

HI 

I have same issue does this issue resolved, Please update 

Thanks 

TARUN