Unable to connect slaves after enabling security
14 views
Skip to first unread message
jbdundas
Mar 16, 2017, 2:00:41 AM3/16/17
to Jenkins Users
Hi,
We are running into a serious problem which is causing us to disable security on our Jenkins instance(Jenkins ver. 2.7.2).
1) We have about 5 slaves which are connected to this Jenkins right now and they run fine without security.
2) Now, we are trying to enable security on it and it seems to work fine( We use the Enable Security option with Matrix based Security) which also works fine.
3) We delegate authentication to our company based authentication mechanism and it works perfectly.
Now the problem part:-
1) When we enable security, it causes the nodes to disconnect and no matter what we try, it keeps giving us a 403 Forbidden error.
2) We must have tried everything to make this work. Deleted a node and tried to add a new Slave node and see if it works. Even that does not work.
3) I am feeling that the config.xml has a problem and it must causing these issues.
We use the Java Web Start option to kickstart the node and all the nodes are on Linux.
I have gone through all the stackoverflow and google groups threads to make this work.
So I request anyone to help me understand how to fix the Master Slave setup with security enabled. Note that we have the Master Slave Control unchecked right now since we sit behind the company intranet and do not need it.
Thanks,
Jitesh
We are running into a serious problem which is causing us to disable security on our Jenkins instance(Jenkins ver. 2.7.2).
1) We have about 5 slaves which are connected to this Jenkins right now and they run fine without security.
2) Now, we are trying to enable security on it and it seems to work fine( We use the Enable Security option with Matrix based Security) which also works fine.
3) We delegate authentication to our company based authentication mechanism and it works perfectly.
Now the problem part:-
1) When we enable security, it causes the nodes to disconnect and no matter what we try, it keeps giving us a 403 Forbidden error.
2) We must have tried everything to make this work. Deleted a node and tried to add a new Slave node and see if it works. Even that does not work.
3) I am feeling that the config.xml has a problem and it must causing these issues.
We use the Java Web Start option to kickstart the node and all the nodes are on Linux.
I have gone through all the stackoverflow and google groups threads to make this work.
So I request anyone to help me understand how to fix the Master Slave setup with security enabled. Note that we have the Master Slave Control unchecked right now since we sit behind the company intranet and do not need it.
Thanks,
Jitesh
Daniel Beck
Mar 16, 2017, 7:58:12 PM3/16/17
to jenkins...@googlegroups.com
> On 16.03.2017, at 07:00, jbdundas <jbdu...@gmail.com> wrote:
>
> 3) We delegate authentication to our company based authentication mechanism and it works perfectly.
jitesh dundas
Mar 17, 2017, 5:18:35 AM3/17/17
to jenkins...@googlegroups.com
Hi Daniel,
Thanks for responding. yes it is a private plugin for authentication ( Delegate to Servlet container. It works like a servlet filter which does cookie based authentication)
--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/8FDFBCED-2E0F-4F01-A940-BE9FF76037DC%40beckweb.net.
For more options, visit https://groups.google.com/d/optout.
Daniel Beck
Mar 17, 2017, 11:22:46 AM3/17/17
to jenkins...@googlegroups.com
> On 17.03.2017, at 10:18, jitesh dundas <jbdu...@gmail.com> wrote:
>
> Thanks for responding. yes it is a private plugin for authentication ( Delegate to Servlet container. It works like a servlet filter which does cookie based authentication)
Jenkins 2.37 introduced Jenkins#isSubjectToMandatoryReadPermissionCheck(String) to allow you to check whether something is exempt from that.
jitesh dundas
Mar 17, 2017, 11:29:56 AM3/17/17
to jenkins...@googlegroups.com
Hi Daniel,
--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/A5163AF8-CEE7-45F5-BB6A-297CF64B5950%40beckweb.net.
Reply all
Reply to author
Forward
0 new messages