I kind of fixed this by adding a Read permission under Overall for anonymous, and it works. This is not the best, as anonymous can still read build history and see people and so on..
Now the question - what the heck is going on? Why does it sometimes work under chrome, and _always_ work under firefox? wujek On Tuesday, July 3, 2012 9:41:24 AM UTC+2, wujek wrote: > > Hi. I have the following problem: I set up security to delegate to the > container, and use security matrix. Anonymous has no rights at all (all > checkboxes are unchecked), and I added one more user, 'admin', with all > rights. Admin has the 'admin' role in tomcat-users.xml. I also created a > user 'test' with the same roles as admin to make sure the problem is not > related to the fact that the username and role are the same - seems not to > be the case. The excerpt from config.xml from JENKINS_HOME (without the > test user, just admin): > > <useSecurity>true</useSecurity> > <authorizationStrategy > class="hudson.security.GlobalMatrixAuthorizationStrategy"> > <permission>hudson.model.Computer.Configure:admin</permission> > <permission>hudson.model.Computer.Connect:admin</permission> > <permission>hudson.model.Computer.Create:admin</permission> > <permission>hudson.model.Computer.Delete:admin</permission> > <permission>hudson.model.Computer.Disconnect:admin</permission> > <permission>hudson.model.Hudson.Administer:admin</permission> > > <permission>hudson.model.Hudson.ConfigureUpdateCenter:admin</permission> > <permission>hudson.model.Hudson.Read:admin</permission> > <permission>hudson.model.Hudson.RunScripts:admin</permission> > <permission>hudson.model.Hudson.UploadPlugins:admin</permission> > <permission>hudson.model.Item.Build:admin</permission> > <permission>hudson.model.Item.Cancel:admin</permission> > <permission>hudson.model.Item.Configure:admin</permission> > <permission>hudson.model.Item.Create:admin</permission> > <permission>hudson.model.Item.Delete:admin</permission> > <permission>hudson.model.Item.Discover:admin</permission> > <permission>hudson.model.Item.Read:admin</permission> > <permission>hudson.model.Item.Workspace:admin</permission> > <permission>hudson.model.Run.Delete:admin</permission> > <permission>hudson.model.Run.Update:admin</permission> > <permission>hudson.model.View.Configure:admin</permission> > <permission>hudson.model.View.Create:admin</permission> > <permission>hudson.model.View.Delete:admin</permission> > <permission>hudson.model.View.Read:admin</permission> > <permission>hudson.scm.SCM.Tag:admin</permission> > </authorizationStrategy> > <securityRealm class="hudson.security.LegacySecurityRealm"/> > > Now, when go to my jenkins URL, I need to log in, I can't even see any > project, which is nice and what I would like to have. However, when I log > in, i just get redirected to the login page again. For example, I go to: > http://mydomain:8080/jenkins > and the URL that gets shown is: > http://mydomain:8080/jenkins/loginEntry?from=%2Fjenkins%2F > then I attempt to log in, and just get redirected to the same page. > > What is very strange: sometimes, after I restart, I can login in, then I > close the browser (logging out doesn't matter here), open it again, and the > problem occurs. This happens in google-chrome and in IE9, works fine in > Firefox. > > Is anybody familar with this problem? What logging settings can I set to > see what is happening? By default, nothing interesting is printed in the > logs, and with .root=ALL it is a bit too much ;d > Are you aware of any such problems? > I am using 'Jenkins ver. 1.473', running on: > java version "1.7.0_05" > Java(TM) SE Runtime Environment (build 1.7.0_05-b05) > Java HotSpot(TM) 64-Bit Server VM (build 23.1-b03, mixed mode) > > wujek > >
