Hi,
I have set up authentication in CC.NET 1.6 using ldapUsers and this
works. Users can login on the dashboard with their active directory
accounts and I am able to manage what they can or cannot do. By
default, users should be able to see the projects, but are only
allowed to build them if they either have the role 'Builder' or
'Admin'. What puzzles me, is that when a user who hasn't logged in yet
tries to force a build, he is presented with the following exception
message:
Request processing has failed on the remote server: The session token
is either invalid or is for a session that has expired.
This is rather confusing for users and it would be nice if the user
were presented with a login dialog or at the very least a friendly
prompt requesting the user to first login. Even better would be if
users didn't have to login at all and the logged in windows account
were detected automatically.
So, my question is, why am I getting this exception message and isn't
there a more elegant way of handling this?
This is roughly how my security has been configured:
<defaults defaultRight="Deny" viewProject="Allow"/>
<users>
<ldapUser name="john" domain="MyDomain"/>
...
</users>
<permissions>
<rolePermission name="Builder" defaultRight="Deny"
viewProject="Allow" forceBuild="Allow">
<users>
<userName name="john"/>
</users>
</rolePermission>
<rolePermission name="Admin" defaultRight="Allow">
<users>
<userName name="christopher"/>
</users>
</rolePermission>
Then, at the project level, I have added this:
<security type="defaultProjectSecurity" guest="*">
<permissions>
<rolePermission name="Admin" ref="Admin"/>
<rolePermission name="Builder" ref="Builder"/>
</permissions>
</security>
Regards,
Christopher
