On Mon, Aug 8, 2011 at 15:15, scott <[email protected]> wrote: > I'm running CruiseControl v1.6.7981.1 on Windows. I'm trying to lock > down one of my servers so that everyone can see the jobs but only a > certain group can force builds, etc. I would like users to be > automatically recognized and not need to log in explicitly. I'm > getting the same problem in IE, Firefox, and Chrome: anyone can see > the jobs on the webdashboard but in order to force jobs successfully > ldap users need to log in to CC with their network credentials using > the 'Login' link in the upper right of the web dashboard. Once logged > in results are as expected: users in the group can force jobs, others > cannot. > > The main dashboard is running on one server, these jobs are running on > another but display in that dashboard. There is a Login link only on > the remote servers page and that's fine. I want the ldap users to be > automatically recognized just by going to the page. Is there some > setting I need to adjust in either the browsers or on the server to > make this happen? > > Below is what my security section for this server looks like: > > <internalSecurity> > <cache type="inMemoryCache" duration="10" mode="sliding" /> > <defaults> > <defaultRight>Deny</defaultRight> > <viewProject>Allow</viewProject> > </defaults> > <users> > <ldapUser name="dick" domain="myDomain" /> > <ldapUser name="jane" domain="myDomain" /> > <simpleUser name="*" /> > </users> > <permissions> > <rolePermission name="ReleaseManagement" > defaultRight="Allow"> > <users> > <userName name="dick" /> > <userName name="jane" /> > </users> > </rolePermission> > </permissions> > </internalSecurity>
You need to enable Integrated Windows Authentication in IIS for the user ID to get picked up (I'm assuming you're using Active Directory?) but even then, it doesn't seem to work. I posted asking about this twice back in December and received no response.
