| Groups that a user is assigned depends on the security realm you use.
I suppose the security realm you use doesn't assign "authenticated" group to the user when authorize-project queries the user. I could not reproduce the issue with built-in "Jenkins’ own user database" as it always assigns "authenticated" group to the user. I don't think it's a bug of the security realm as the query by the authorize-project plugin is independent from user's login process. The security realm can't say to authorized-project plugin whether the user is authenticated.
I suppose "authenticated" group is always assigned for Web UI operations as Jenkins knows the user is actually authenticated. I won't fix this issue as managing actual permissions is out of the domain of authorize-project and managing permissions carelessly can easily cause security issues. Please instead create a new group for all Jenkins users and assign the role to that group. |
