Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
v_sathyamurthy (2015-04-02 19:00):
Hello Folks,
I would really appreciate if some one could help me. I have
installed jenkins 1.606 on windows,and tried to enable the global
security link. I configured everything correctly. When enver I tried
to test the login I always brought back to error page.
*Invalid login information. Please try again.
Try again*
*If you are a system administrator and suspect this to be a
configuration problem, see the server console output for more details.*
My configuration looks like below:
useSecuritytrue/useSecurity
authorizationStrategy
class=hudson.security.FullControlOnceLoggedInAuthorizationStrategy/
securityRealm class=hudson.security.LDAPSecurityRealm
plugin=ldap@1.6 mailto:ldap@1.6
serverldap://dev-corpldap.com:389/server
rootDNdc=mycompany,dc=com/rootDN
inhibitInferRootDNfalse/inhibitInferRootDN
userSearchBaseou=internal,ou=users,dc=mycompany,dc=com/userSearchBase
userSearchuid={0}/userSearch
managerDNuid=bindid,ou=system,ou=users,dc=mycompany,dc=com/managerDN
managerPasswordUGFzc3dvcmRAMTIz/managerPassword
disableMailAddressResolvertrue/disableMailAddressResolver
/securityRealm
...
If you are using AcitveDirectory (Windows domain) as LDAP then
`userSearch` should be `sAMAccountName={0}`. Also `userSearchBase` might
be different. This might vary between installations, but I'm using
`CN=Users` and it works fine.
Regards,
Nux.
--
You received this message because you are subscribed to the Google Groups Jenkins
Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/5538BAD6.2010300%40mol.com.pl.
For more options, visit https://groups.google.com/d/optout.
Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
PS: Also `managerDN` should simply be a user name prefixed with domain
name e.g. `MYCOMPANY\MyUser`. Any user with basic permissions should work.
Maciej Jaros (2015-04-23 11:26):
v_sathyamurthy (2015-04-02 19:00):
Hello Folks,
I would really appreciate if some one could help me. I have
installed jenkins 1.606 on windows,and tried to enable the global
security link. I configured everything correctly. When enver I tried
to test the login I always brought back to error page.
*Invalid login information. Please try again.
Try again*
*If you are a system administrator and suspect this to be a
configuration problem, see the server console output for more details.*
My configuration looks like below:
useSecuritytrue/useSecurity
authorizationStrategy
class=hudson.security.FullControlOnceLoggedInAuthorizationStrategy/
securityRealm class=hudson.security.LDAPSecurityRealm
plugin=ldap@1.6 mailto:ldap@1.6
serverldap://dev-corpldap.com:389/server
rootDNdc=mycompany,dc=com/rootDN
inhibitInferRootDNfalse/inhibitInferRootDN
userSearchBaseou=internal,ou=users,dc=mycompany,dc=com/userSearchBase
userSearchuid={0}/userSearch
managerDNuid=bindid,ou=system,ou=users,dc=mycompany,dc=com/managerDN
managerPasswordUGFzc3dvcmRAMTIz/managerPassword
disableMailAddressResolvertrue/disableMailAddressResolver
/securityRealm
...
If you are using AcitveDirectory (Windows domain) as LDAP then
`userSearch` should be `sAMAccountName={0}`. Also `userSearchBase`
might be different. This might vary between installations, but I'm
using `CN=Users` and it works fine.
Regards,
Nux.
--
You received this message because you are subscribed to the Google
Groups Jenkins Users group.
To unsubscribe from this group and stop receiving emails from it, send
an email to jenkinsci-users+unsubscr...@googlegroups.com
mailto:jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/5538BAD6.2010300%40mol.com.pl
https://groups.google.com/d/msgid/jenkinsci-users/5538BAD6.2010300%40mol.com.pl?utm_medium=emailutm_source=footer.
For more options, visit https://groups.google.com/d/optout.
MOL sp. z o.o. *Maciej Jaros*
e-mail: mac...@mol.com.pl mailto:mac...@mol.com.pl
WWW: www.mol.pl http://www.mol.pl/
tel: 58 669 80 90
fax: 58 669 80 91
--
You received this message because you are subscribed to the Google Groups Jenkins
Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/5538BB72.9020306%40mol.com.pl.
For more options, visit https://groups.google.com/d/optout.
Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
Hello Victor, The main issue I am facing is not sure if the requet is hitting correctly for ldap call. That is the reason I am trying to set debug unfortunately could not server is starting perfectly with all the right config for ldap setting. Look below: The login screen is not hitting /j_acegi_security_check correctly and everytime leads to error page. === C:\Jenkinsjava -jar jenkins.war Running from: C:\Jenkins\jenkins.war webroot: $user.home/.jenkins Apr 06, 2015 2:54:36 PM winstone.Logger logInternal INFO: Beginning extraction from war file Apr 06, 2015 2:54:36 PM org.eclipse.jetty.util.log.JavaUtilLog info INFO: jetty-winstone-2.8 Apr 06, 2015 2:54:38 PM org.eclipse.jetty.util.log.JavaUtilLog info INFO: NO JSP Support for , did not find org.apache.jasper.servlet.JspServlet Jenkins home directory: C:\Users\e513788\.jenkins found at: $user.home/.jenkins Apr 06, 2015 2:54:39 PM org.eclipse.jetty.util.log.JavaUtilLog info INFO: Started SelectChannelConnector@0.0.0.0:8080 Apr 06, 2015 2:54:39 PM winstone.Logger logInternal INFO: Winstone Servlet Engine v2.0 running: controlPort=disabled Apr 06, 2015 2:54:39 PM jenkins.InitReactorRunner$1 onAttained INFO: Started initialization Apr 06, 2015 2:54:40 PM jenkins.InitReactorRunner$1 onAttained INFO: Listed all plugins Apr 06, 2015 2:54:40 PM jenkins.InitReactorRunner$1 onAttained INFO: Prepared all plugins Apr 06, 2015 2:54:40 PM jenkins.InitReactorRunner$1 onAttained INFO: Started all plugins Apr 06, 2015 2:54:40 PM jenkins.InitReactorRunner$1 onAttained INFO: Augmented all extensions Apr 06, 2015 2:54:40 PM jenkins.InitReactorRunner$1 onAttained INFO: Loaded all jobs Apr 06, 2015 2:54:44 PM org.jenkinsci.main.modules.sshd.SSHD start INFO: Started SSHD at port 63262 Apr 06, 2015 2:54:44 PM jenkins.util.groovy.GroovyHookScript execute INFO: Executing C:\Users\my\.jenkins\init.groovy.d\extralogging.groovy Apr 06, 2015 2:54:45 PM hudson.model.AsyncPeriodicWork$1 run INFO: Started Download metadata before define logger after setting log level:ALL Apr 06, 2015 2:54:45 PM jenkins.InitReactorRunner$1 onAttained INFO: Completed initialization Apr 06, 2015 2:54:45 PM org.springframework.web.context.support.StaticWebApplicationContext prepareRefresh INFO: Refreshing org.springframework.web.context.support.StaticWebApplicationContext@6c1aa804: display name [Root WebApplicationContext]; startup date [Mon Apr 06 14:54:45 EDT 2015]; root of context hierarchy Apr 06, 2015 2:54:45 PM org.springframework.web.context.support.StaticWebApplicationContext obtainFreshBeanFactory INFO: Bean factory for application context [org.springframework.web.context.support.StaticWebApplicationContext@6c1aa804]: org.springframework.beans.factory.support.DefaultListableBeanFactory@2ebb3cc4 Apr 06, 2015 2:54:45 PM org.springframework.beans.factory.support.DefaultListableBeanFactory preInstantiateSingletons INFO: Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@2ebb3cc4: defining beans [initialDirContextFactory,bindAuthenticator,ldapUserSearch,authenticationManager,authoritiesPopulator]; root of factory hierarchy Apr 06, 2015 2:54:45 PM org.acegisecurity.ldap.DefaultInitialDirContextFactory setProviderUrl INFO: URL 'ldap://dev-corpldap.com:2389/dc=mycompany,dc=com', root DN is 'dc=mycompany,dc=com' Apr 06, 2015 2:54:45 PM org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator setGroupSearchBase INFO: groupSearchBase is empty. Searches will be performed from the root: dc=mycompany,dc=com Inside AuthenticationProcessingFilter2 URL=/j_acegi_security_check Apr 06, 2015 2:54:46 PM org.springframework.web.context.support.StaticWebApplicationContext prepareRefresh INFO: Refreshing org.springframework.web.context.support.StaticWebApplicationContext@7839fb04: display name [Root WebApplicationContext]; startup date [Mon Apr 06 14:54:46 EDT 2015]; root of context hierarchy Apr 06, 2015 2:54:46 PM org.springframework.web.context.support.StaticWebApplicationContext obtainFreshBeanFactory INFO: Bean factory for application context [org.springframework.web.context.support.StaticWebApplicationContext@7839fb04]: org.springframework.beans.factory.support.DefaultListableBeanFactory@4bcb5109 Apr 06, 2015 2:54:46 PM org.springframework.beans.factory.support.DefaultListableBeanFactory preInstantiateSingletons INFO: Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@4bcb5109: defining beans [filter,legacy]; root of factory hierarchy Apr 06, 2015 2:54:46 PM hudson.WebAppMain$3 run INFO: Jenkins is fully up and running Apr 06, 2015 2:54:46 PM hudson.WebAppMain$3 run INFO: Jenkins is fully up and running Apr 06, 2015 2:55:07 PM hudson.model.AsyncPeriodicWork$1 run == thanks Venkat On Thursday, April 2, 2015 at 2:36:38 PM UTC-4, Victor Martinez wrote: Follow the below steps: -
Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
Hello victor, I created the groovy script and noticed it is executing still no luck, I could not see any logs. I am trying to understand is the control is going there are not. Grrovy script: import java.util.logging.ConsoleHandler import java.util.logging.LogManager import java.util.logging.Level def logger = LogManager.getLogManager().getLogger(hudson.security) logger.addHandler (new ConsoleHandler()) logger.setLevel(Level.ALL) Console output === Apr 06, 2015 11:55:48 AM jenkins.util.groovy.GroovyHookScript execute INFO: Executing C:\Users\e513788\.jenkins\init.groovy.d\extralogging.groovy thanks venkat On Thursday, April 2, 2015 at 2:36:38 PM UTC-4, Victor Martinez wrote: Follow the below steps: - https://wiki.jenkins-ci.org/display/JENKINS/Logging - Since that plugin uses loggers: https://github.com/jenkinsci/ldap-plugin/blob/ldap-1.6/src/main/java/hudson/security/LDAPSecurityRealm.java#L796 - Add the below logger: hudson.security I hope it helps :) On Thursday, 2 April 2015 20:05:48 UTC+2, v_sathy...@hotmail.com wrote: Hello Victor, I tried search for logging and no good help. Moreover I am still struggling to enable as debug so that I can trace the calls. Any helpful links would be much appreciated. thanks Venkat On Thursday, April 2, 2015 at 1:25:02 PM UTC-4, Victor Martinez wrote: I don't know if you already to record those loggers (search for jenkins + logging). Then you can check that LDAP plugin, search for its scm and validate whether it does have any loggers if so you can easily configure to listen debug that plugin. I hope it helps. Sorry if I didn't put any URL but unfortunately I'm with mobile and chrome doesn't let me copypaste ^^ Cheers -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/0bdecc95-18dd-424e-b052-d5e81b018b89%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
I don't know if you already to record those loggers (search for jenkins + logging). Then you can check that LDAP plugin, search for its scm and validate whether it does have any loggers if so you can easily configure to listen debug that plugin. I hope it helps. Sorry if I didn't put any URL but unfortunately I'm with mobile and chrome doesn't let me copypaste ^^ Cheers -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/537aa4b1-8fc4-4ecf-aa08-85c88d89c789%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
Hello Folks,
I would really appreciate if some one could help me. I have installed
jenkins 1.606 on windows,and tried to enable the global security link. I
configured everything correctly. When enver I tried to test the login I
always brought back to error page.
*Invalid login information. Please try again. Try again*
*If you are a system administrator and suspect this to be a configuration
problem, see the server console output for more details.*
My configuration looks like below:
useSecuritytrue/useSecurity
authorizationStrategy
class=hudson.security.FullControlOnceLoggedInAuthorizationStrategy/
securityRealm class=hudson.security.LDAPSecurityRealm plugin=ldap@1.6
serverldap://dev-corpldap.com:389/server
rootDNdc=mycompany,dc=com/rootDN
inhibitInferRootDNfalse/inhibitInferRootDN
userSearchBaseou=internal,ou=users,dc=mycompany,dc=com/userSearchBase
userSearchuid={0}/userSearch
managerDNuid=bindid,ou=system,ou=users,dc=mycompany,dc=com/managerDN
managerPasswordUGFzc3dvcmRAMTIz/managerPassword
disableMailAddressResolvertrue/disableMailAddressResolver
/securityRealm
Moreover, on the console log I could not see any log related to call going
for ldap auth. All I see like below
C:\Jenkins
C:\Jenkinsjava -jar jenkins.war
Running from: C:\Jenkins\jenkins.war
webroot: $user.home/.jenkins
Apr 02, 2015 12:41:19 PM winstone.Logger logInternal
INFO: Beginning extraction from war file
Apr 02, 2015 12:41:19 PM org.eclipse.jetty.util.log.JavaUtilLog info
INFO: jetty-winstone-2.8
Apr 02, 2015 12:41:21 PM org.eclipse.jetty.util.log.JavaUtilLog info
INFO: NO JSP Support for , did not find org.apache.jasper.servlet.JspServlet
Jenkins home directory: C:\Users\e513788\.jenkins found at:
$user.home/.jenkins
Apr 02, 2015 12:41:22 PM org.eclipse.jetty.util.log.JavaUtilLog info
INFO: Started SelectChannelConnector@0.0.0.0:8080
Apr 02, 2015 12:41:22 PM winstone.Logger logInternal
INFO: Winstone Servlet Engine v2.0 running: controlPort=disabled
Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained
INFO: Started initialization
Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained
INFO: Listed all plugins
Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained
INFO: Prepared all plugins
Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained
INFO: Started all plugins
Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained
INFO: Augmented all extensions
Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained
INFO: Loaded all jobs
Apr 02, 2015 12:41:27 PM org.jenkinsci.main.modules.sshd.SSHD start
INFO: Started SSHD at port 59175
Apr 02, 2015 12:41:27 PM hudson.model.AsyncPeriodicWork$1 run
INFO: Started Download metadata
Apr 02, 2015 12:41:27 PM jenkins.InitReactorRunner$1 onAttained
INFO: Completed initialization
Apr 02, 2015 12:41:28 PM
org.springframework.web.context.support.StaticWebApplicationContext
prepareRefresh
INFO: Refreshing
org.springframework.web.context.support.StaticWebApplicationContext@60c6fe68:
display name [Root WebApplicationContext]; startup date [Thu Apr 02
12:41:28 EDT 2015]; root of context hiera
Apr 02, 2015 12:41:28 PM
org.springframework.web.context.support.StaticWebApplicationContext
obtainFreshBeanFactory
INFO: Bean factory for application context
[org.springframework.web.context.support.StaticWebApplicationContext@60c6fe68]:
org.springframework.beans.factory.support.DefaultListableBeanFactory@457d0e81
Apr 02, 2015 12:41:28 PM
org.springframework.beans.factory.support.DefaultListableBeanFactory
preInstantiateSingletons
INFO: Pre-instantiating singletons in
org.springframework.beans.factory.support.DefaultListableBeanFactory@457d0e81:
defining beans
[initialDirContextFactory,bindAuthenticator,ldapUserSearch,authenticatio
Apr 02, 2015 12:41:28 PM
org.acegisecurity.ldap.DefaultInitialDirContextFactory setProviderUrl
INFO: URL 'ldap://dev-corpldap.com:389/dc=mycompany,dc=com', root DN is
'dc=mycompany,dc=com'
Apr 02, 2015 12:41:28 PM
org.springframework.web.context.support.StaticWebApplicationContext
prepareRefresh
INFO: Refreshing
org.springframework.web.context.support.StaticWebApplicationContext@21306eb2:
display name [Root WebApplicationContext]; startup date [Thu Apr 02
12:41:28 EDT 2015]; root of context hiera
Apr 02, 2015 12:41:28 PM
org.springframework.web.context.support.StaticWebApplicationContext
obtainFreshBeanFactory
INFO: Bean factory for application context
[org.springframework.web.context.support.StaticWebApplicationContext@21306eb2]:
org.springframework.beans.factory.support.DefaultListableBeanFactory@6ad0f4d1
Apr 02, 2015 12:41:28 PM
org.springframework.beans.factory.support.DefaultListableBeanFactory
preInstantiateSingletons
INFO: Pre-instantiating singletons in
org.springframework.beans.factory.support.DefaultListableBeanFactory@6ad0f4d1:
defining beans [filter,legacy]; root of factory hierarchy
Apr 02,
Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
Follow the below steps: - https://wiki.jenkins-ci.org/display/JENKINS/Logging - Since that plugin uses loggers: https://github.com/jenkinsci/ldap-plugin/blob/ldap-1.6/src/main/java/hudson/security/LDAPSecurityRealm.java#L796 - Add the below logger: hudson.security I hope it helps :) On Thursday, 2 April 2015 20:05:48 UTC+2, v_sathy...@hotmail.com wrote: Hello Victor, I tried search for logging and no good help. Moreover I am still struggling to enable as debug so that I can trace the calls. Any helpful links would be much appreciated. thanks Venkat On Thursday, April 2, 2015 at 1:25:02 PM UTC-4, Victor Martinez wrote: I don't know if you already to record those loggers (search for jenkins + logging). Then you can check that LDAP plugin, search for its scm and validate whether it does have any loggers if so you can easily configure to listen debug that plugin. I hope it helps. Sorry if I didn't put any URL but unfortunately I'm with mobile and chrome doesn't let me copypaste ^^ Cheers -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/68219ee3-122b-4485-8e1f-e6bd15a86ae2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
Hello Victor, I tried search for logging and no good help. Moreover I am still struggling to enable as debug so that I can trace the calls. Any helpful links would be much appreciated. thanks Venkat On Thursday, April 2, 2015 at 1:25:02 PM UTC-4, Victor Martinez wrote: I don't know if you already to record those loggers (search for jenkins + logging). Then you can check that LDAP plugin, search for its scm and validate whether it does have any loggers if so you can easily configure to listen debug that plugin. I hope it helps. Sorry if I didn't put any URL but unfortunately I'm with mobile and chrome doesn't let me copypaste ^^ Cheers -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/0c74541c-9619-4590-8ec3-922ad85eaecc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
