[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns edited a comment on JENKINS-57434 Re: Unable to add or edit roles WOW. By iterating through the various checkName URLs, I've found a particular role name that logs me out. Not all roles do this :Dhttps://jenkins/descriptor/com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy/checkName?value=%5Bjsmith%5D(was not originally jsmith, but something similarly simple).I need to investigate why this is happening but jeeez.Continuing to investigate today, found that I can be logged out by viewing a user (that isn't me) via the UI too:https:// j5s.anaplan-np.net /users/ Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.848.1565531760511%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns edited a comment on JENKINS-57434 Re: Unable to add or edit roles WOW. By iterating through the various checkName URLs, I've found a particular role name that logs me out. Not all roles do this :Dhttps://jenkins/descriptor/com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy/checkName?value=%5Bjsmith%5D(was not originally jsmith, but something similarly simple).I need to investigate why this is happening but jeeez.Continuing to investigate today, found that I can be logged out by viewing a user (that isn't me) via the UI too:https:// jenkins /users/ Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.856.1565531760786%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nathan Vahrenberg commented on JENKINS-57434 Re: Unable to add or edit roles Thanks for diving into it Nick Johns! I'm glad to know where it was coming from before it mysteriously disappeared I installed the updated github-oauth-plugin today, and it looks like the issue is resolved on my end as well. Oleg Nenashev I think we could close this out at this point and attribute it to JENKINS-57154 Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.11425.1565368920359%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns edited a comment on JENKINS-57434 Re: Unable to add or edit roles This lead me to https://issues.jenkins-ci.org/browse/JENKINS-57154 which is resolved in https://github.com/jenkinsci/github-oauth-plugin/blob/master/CHANGELOG.md#version-033-released-aug-5-2019 . Installing this new version resolved the issue for me. [~nv035674], are you using github authentication? This might work for you! Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10675.1565269023687%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns commented on JENKINS-57434 Re: Unable to add or edit roles This lead me to https://issues.jenkins-ci.org/browse/JENKINS-57154 which is resolved in https://github.com/jenkinsci/github-oauth-plugin/blob/master/CHANGELOG.md#version-033-released-aug-5-2019 Nathan Vahrenberg, are you using github authentication? This might work for you! Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10667.1565268960493%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns edited a comment on JENKINS-57434 Re: Unable to add or edit roles WOW. By iterating through the various checkName URLs, I've found a particular role name that logs me out. Not all roles do this :Dhttps://jenkins/descriptor/com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy/checkName?value=%5Bjsmith%5D(was not originally jsmith, but something similarly simple).I need to investigate why this is happening but jeeez. Continuing to investigate today, found that I can be logged out by viewing a user (that isn't me) via the UI too:https://j5s.anaplan-np.net/users/ Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10664.1565268361490%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns commented on JENKINS-57434 Re: Unable to add or edit roles WOW. By iterating through the various checkName URLs, I've found a particular role name that logs me out. Not all roles do this https://jenkins/descriptor/com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy/checkName?value=%5Bjsmith%5D (was not originally jsmith, but something similarly simple). I need to investigate why this is happening but jeeez. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10125.1565199000434%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns commented on JENKINS-57434 Re: Unable to add or edit roles By disabling calls to the checkName endpoint, I was able to avoid being logged out. Somehow the https://jenkins/descriptor/com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy/checkName?value= is invalidating my sessions. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10103.1565197500424%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns edited a comment on JENKINS-57434 Re: Unable to add or edit roles By disabling calls to the checkName endpoint, I was able to avoid being logged out. Somehow the https://jenkins/descriptor/com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy/checkName?value= is invalidating my sessions. Obviously this still leaves the assign roles page broken Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10111.1565197500694%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns edited a comment on JENKINS-57434 Re: Unable to add or edit roles After seeing the above issue, that I'm considered anonymous when submitting the assignRoles, I did an additional experiment.* view assignRoles page* view page that doesn't require authenticationI see that I'm logged out! Just viewing the assignRoles page *with _javascript_ enabled* seems to invalidate my session.As it's when _javascript_ is enabled only that logs me out, I can only conclude that an AJAX request triggered by the page is invalidating my session?Looking at dev tools I just see a lot of checkName calls (all returning 200), and then a failed ajaxBuildQueue and ajaxExecutors pair of requests, followed by more succesful checkName calls. When I test the unauthenticated page in another tab, it looks like my session is invalidated. Response from the ajax call? "No valid crumb was included in the request" Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10091.1565196960614%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns edited a comment on JENKINS-57434 Re: Unable to add or edit roles After seeing the above issue, that I'm considered anonymous when submitting the assignRoles, I did an additional experiment.* view assignRoles page* view page that doesn't require authenticationI see that I'm logged out! Just viewing the assignRoles page *with _javascript_ enabled* seems to invalidate my session.As it's when _javascript_ is enabled only that logs me out, I can only conclude that an AJAX request triggered by the page is invalidating my session? Looking at dev tools I just see a lot of checkName calls (all returning 200), and then a failed ajaxBuildQueue and ajaxExecutors pair of requests, followed by more succesful checkName calls. When I test the unauthenticated page in another tab, it looks like my session is invalidated. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10083.1565196900260%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns commented on JENKINS-57434 Re: Unable to add or edit roles After seeing the above issue, that I'm considered anonymous when submitting the assignRoles, I did an additional experiment. view assignRoles page view page that doesn't require authentication I see that I'm logged out! Just viewing the assignRoles page with _javascript_ enabled seems to invalidate my session. As it's when _javascript_ is enabled only that logs me out, I can only concluded an AJAX request is invalidating my session? Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10067.1565196540850%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns edited a comment on JENKINS-57434 Re: Unable to add or edit roles After seeing the above issue, that I'm considered anonymous when submitting the assignRoles, I did an additional experiment.* view assignRoles page* view page that doesn't require authenticationI see that I'm logged out! Just viewing the assignRoles page *with _javascript_ enabled* seems to invalidate my session.As it's when _javascript_ is enabled only that logs me out, I can only concluded conclude that an AJAX request triggered by the page is invalidating my session? Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10075.1565196541063%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title
Nick Johns edited a comment on JENKINS-57434
Re: Unable to add or edit roles
I'm also seeing this issue. I initially saw the no valid crumb error as well, I believe this is caused by the plugin incorrectly redirecting you via _javascript_ to reauthenticate with your provider (mine is Github Enterprise) which kills the session. I think this is hiding the root cause.To try and simplify things, I disabled CSRF. *(removed debug from disabling _javascript_, I know now see that the page requires _javascript_ in order to pass the json form data)*Using developer tools, I can see the assignSubmit response has the following headers:{noformat}content-encoding: gzipcontent-type: text/html;charset=utf-8date: Wed, 07 Aug 2019 16:37:41 GMTserver: nginx/1.13.8status: 403strict-transport-security: max-age=15724800; includeSubDomains;vary: Accept-Encodingx-content-type-options: nosniffx-hudson: 1.395x-hudson-cli-port: 5x-jenkins: 2.164.1x-jenkins-cli-port: 5x-jenkins-cli2-port: 5x-jenkins-session: efedebfbx-required-permission: hudson.model.Hudson.Administerx-you-are-authenticated-as: anonymousx-you-are-in-group-disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose{noformat}
Add Comment
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10059.1565196361093%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title
Nick Johns edited a comment on JENKINS-57434
Re: Unable to add or edit roles
I'm also seeing this issue. I initially saw the no valid crumb error as well, I believe this is caused by the plugin incorrectly redirecting you via _javascript_ to reauthenticate with your provider (mine is Github Enterprise) which kills the session. I think this is hiding the root cause.To try and simplify things, I disabled _javascript_, and I disabled CSRF. *(removed debug from disabling _javascript_, I know see that the page requires _javascript_ in order to pass the json form data)* Using developer tools, I can see the assignSubmit response has the following headers:{noformat}content-encoding: gzipcontent-type: text/html;charset=utf-8date: Wed, 07 Aug 2019 16:37:41 GMTserver: nginx/1.13.8status: 403strict-transport-security: max-age=15724800; includeSubDomains;vary: Accept-Encodingx-content-type-options: nosniffx-hudson: 1.395x-hudson-cli-port: 5x-jenkins: 2.164.1x-jenkins-cli-port: 5x-jenkins-cli2-port: 5x-jenkins-session: efedebfbx-required-permission: hudson.model.Hudson.Administerx-you-are-authenticated-as: anonymousx-you-are-in-group-disabled: JENKINS-39402: use -Dhudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS=true or use /whoAmI to diagnose{noformat}
Add Comment
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10051.1565196360935%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns edited a comment on JENKINS-57434 Re: Unable to add or edit roles I'm also seeing this issue. I initially saw the no valid crumb error as well, I believe this is caused by the plugin incorrectly redirecting you via _javascript_ to reauthenticate with your provider (mine is Github Enterprise) which kills the session. I think this is hiding the root cause.To try and simplify things, I disabled _javascript_, and I disabled CSRF. * ( removing removed debug from disabling _javascript_, I know see that the page requires _javascript_ in order to pass the json form data) * Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.10041.1565196000272%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title
Nick Johns edited a comment on JENKINS-57434
Re: Unable to add or edit roles
I'm also seeing this issue. I initially saw the no valid crumb error as well, I believe this is caused by the plugin incorrectly redirecting you via _javascript_ to reauthenticate with your provider (mine is Github Enterprise) which kills the session. I think this is hiding the root cause.To try and simplify things, I disabled _javascript_, and I disabled CSRF. When doing that (removing debug from disabling _javascript_, I get know see that the following error when submitting the assingRoles page :!image-2019-08-07-17-25-17-212.png!The content being posted (according requires _javascript_ in order to chrome developer tools) looks to be a lot less than I would expect for pass the complexity of the assign roles matrixes:{noformat}[authenticated]: on[admin]: on[admin]: on[admin]: on[extended-read]: on[admin]: on[admin]: on[admin]: on[anonymous]: on_.: [project1-write]: on[project1-admin]: on[project1-admin]: on[project1-write]: on[project2-write]: on[project2-admin]: on[project3-write]: on[project3-admin]: on[project4-write]: on[project4-admin]: on[project5-write]: on[project5-admin]: on[project6-read]: on[project6-write]: on[project6-admin]: on[project6-admin]: on[project6-write]: on[project1-admin]: on[project1-write]: on[project6-admin]: on[project6-write]: on[project7-write]: on[project7-admin]: on[project6-team-admin]: on[project8-write]: on[project8-admin]: on[project9-write]: on[project9-admin]: on_.: _.: Submit: Savecore:apply:{noformat} json form data)
Add Comment
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
To view this discussion on the web visit
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns commented on JENKINS-57434 Re: Unable to add or edit roles I'm also seeing this issue. I initially saw the no valid crumb error as well, I believe this is caused by the plugin incorrectly redirecting you via _javascript_ to reauthenticate with your provider (mine is Github Enterprise) which kills the session. I think this is hiding the root cause. To try and simplify things, I disabled _javascript_, and I disabled CSRF. When doing that I get the following error when submitting the assingRoles page: The content being posted (according to chrome developer tools) looks to be a lot less than I would expect for the complexity of the assign roles matrixes: [authenticated]: on [admin]: on [admin]: on [admin]: on [extended-read]: on [admin]: on [admin]: on [admin]: on [anonymous]: on _.: [project1-write]: on [project1-admin]: on [project1-admin]: on [project1-write]: on [project2-write]: on [project2-admin]: on [project3-write]: on [project3-admin]: on [project4-write]: on [project4-admin]: on [project5-write]: on [project5-admin]: on [project6-read]: on [project6-write]: on [project6-admin]: on [project6-admin]: on [project6-write]: on [project1-admin]: on [project1-write]: on [project6-admin]: on [project6-write]: on [project7-write]: on [project7-admin]: on [project6-team-admin]: on [project8-write]: on [project8-admin]: on [project9-write]: on [project9-admin]: on _.: _.: Submit: Save core:apply: Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns updated an issue Jenkins / JENKINS-57434 Unable to add or edit roles Change By: Nick Johns Attachment: image-2019-08-07-17-25-15-036.png Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.9930.1565195160636%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nick Johns updated an issue Jenkins / JENKINS-57434 Unable to add or edit roles Change By: Nick Johns Attachment: image-2019-08-07-17-25-17-212.png Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.9938.1565195160742%40Atlassian.JIRA.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nathan Vahrenberg edited a comment on JENKINS-57434 Re: Unable to add or edit roles [~oleg_nenashev] is there any other info I can provide that might help? This has been difficult for us to work around unfortunately. Edit: speaking of workarounds, editing the config.xml to add a new entry in the does work after cycling Jenkins. It's not ideal, but we can at least add new permission groups this way Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.8754.1561492440239%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nathan Vahrenberg commented on JENKINS-57434 Re: Unable to add or edit roles Oleg Nenashev is there any other info I can provide that might help? This has been difficult for us to work around unfortunately. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.8726.1561491240257%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title simon townsend edited a comment on JENKINS-57434 Re: Unable to add or edit roles !Screen Shot 2019-05-21 at 10.08.15 AM.png! Also experiencing this issue. I am able to create new roles but cannot assign them due to '' !Screen Shot 2019-05-21 at 10.08.15 AM.png! Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.7464.1558451402220%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title simon townsend updated an issue Jenkins / JENKINS-57434 Unable to add or edit roles Change By: simon townsend Attachment: Screen Shot 2019-05-21 at 10.08.15 AM.png Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.7454.1558451340530%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title simon townsend commented on JENKINS-57434 Re: Unable to add or edit roles Also experiencing this issue. I am able to create new roles but cannot assign them due to '' Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.7459.1558451340620%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Antonio Arbutina commented on JENKINS-57434 Re: Unable to add or edit roles Hi, we have exactly the same problem as Nathan has. We tried to reverting in to 2.9.0 version but to no avail. Currently only workaround we can think off that works is changing config.xml file for Jenkins itself and assing roles like that, but this requires Jenkins reloading. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.5191.1558342200660%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nathan Vahrenberg edited a comment on JENKINS-57434 Re: Unable to add or edit roles Core: Jenkins 2.177Plugin: Role-based Authorization Strategy 2. 1 10 All other plugins are the latest version as of today. Our user accounts are all Github accounts using the Github Authentication plugin, then we define roles to certain folders and assign Github teams to those roles. We do have a decent number of roles and teams, approximately 16 roles and 20 groups, then a handful of individual users (approx. 20) assigned to admin roles.I'm trying to think of what else might be relevant to this issue. I can tell you that it used to work fine but I don't know what change would have broken it. Let me know what other information I can grab for you. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.1566.1557758460646%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nathan Vahrenberg commented on JENKINS-57434 Re: Unable to add or edit roles Core: Jenkins 2.177 Plugin: Role-based Authorization Strategy 2.1 All other plugins are the latest version as of today. Our user accounts are all Github accounts using the Github Authentication plugin, then we define roles to certain folders and assign Github teams to those roles. We do have a decent number of roles and teams, approximately 16 roles and 20 groups, then a handful of individual users (approx. 20) assigned to admin roles. I'm trying to think of what else might be relevant to this issue. I can tell you that it used to work fine but I don't know what change would have broken it. Let me know what other information I can grab for you. Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.1564.1557758400090%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Oleg Nenashev commented on JENKINS-57434 Re: Unable to add or edit roles Which Jenkins core and plugin version do you use? Cannot reproduce on LTS/latest Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.199247.1557753306000.1545.1557757860290%40Atlassian.JIRA. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-57434) Unable to add or edit roles
Title: Message Title Nathan Vahrenberg created an issue Jenkins / JENKINS-57434 Unable to add or edit roles Issue Type: Bug Assignee: Oleg Nenashev Components: role-strategy-plugin Created: 2019-05-13 13:15 Priority: Major Reporter: Nathan Vahrenberg When attempting to add or edit roles at "role-strategy/assign-roles" I get a "No valid crumb included with the request" error after I click Save or Apply. I turned off CSRF protection temporarily to see what would happen and when I tried the same thing again I got directed to a page that states "**The URL you're trying to access requires that requests be sent using POST (like a form submission). The button below allows you to retry accessing this URL using POST." If I try the "Retry using POST" button it doesn't throw any errors in the browser but the role is not saved. The /var/log/jenkins/jenkins.log file has this error: "2019-05-13 13:12:07.481+ [id=3062] INFO o.e.j.s.h.ContextHandler$Context#log: While serving https://jenkins.cerner.com/dwx2/role-strategy/assignSubmit: hudson.security.AccessDeniedException2: anonymous is missing the Overall/Administer permission" I am definitely signed in before and after making the request, but is my login context not being included on the retried request? For what it's worth I tried the fix from JENKINS-20327 to adjust the maximum form size, but no luck there.
