Jenkins login using GitHub Authentication failed being administrator

security jenkins github oauth
6,372

Inspired by Jenkins: Accessed denied after turning on global security. How to revert?:

Since in above issue, they haven't used Github Auth plugin, my Jenkins config.xml had other tags, this is what I did:

  1. in my Jenkins server, JENKIN_HOME/config.xml

  2. First under <authorizationStrategy>, set true for below

    authenticatedUserReadPermission
useRepositoryPermissions
authenticatedUserCreateJobPermission      
allowAnonymousReadPermission 
allowAnonymousJobStatusPermission

  3. Then I was at least able to view Jenkins jobs as "Anonymous" user

  4. Then I created a new Auth in my organization's GitHub --> My profile --> setting --> "OAuth Application" --> Developers Application and provided similar input, mainly Authorization callback URL: http://myjenkinsserver:8080/securityRealm/finishLogin

  5. Generated new Client Id and Secrete

  6. Modified jekins config.xml
  7. restarted jenkins

  8. tried to login Jenkins, this time it redirected to my org GitHub and asks that Jenkins wants to Authentical, I "Granted" but got new error

    org.kohsuke.github.HttpException: Server returned HTTP response code: -1, message: 'null' for URL: https://ghe.acme.com/api/v3/user

  9. Found that this API is not correct,

  10. Modified jenkins config.xml 

    <githubApiUri>https://github.<myorg>.com/api/v3</githubApiUri>

and this time it worked :)

Share:
6,372

Related videos on Youtube

sandejai
Author by

sandejai

JAVA developer

Updated on September 18, 2022

Comments

  • sandejai
    sandejai over 1 year

    I was setting up authentication mechanism for our organization jenkins, which had no security mechanism, "ananoumos" can do anything, delete jobs,build etc. I did

    1. Install github-oauth jenkins plugin

    2. In my https://github..com/ a. OAuthApplication --> created new Application b. provided all details, main thing was the authorization callback --> http://myserver.example.com:8080/securityRealm/finishLogin myserver.example.com = my jenkin server

    3. Ok

    4. It created , "ClientId" and "Client secrete" --> Noted down

    5. Go to Jenkins and configure "Global security: like mentioned here

    When I clicked "Save" in Jenkin security configuration, It trowed big scary error

    STDERR: hudson.security.AccessDeniedException2: anonymous is missing the Overall/Administer permission at hudson.security.ACL.checkPermission(ACL.java:57)

    and then when I clicked jekins home page, it tried to redirect me to my org github but failed with "404"

    Way out in "Answer" section

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Maven release / Github OAuth token / Jenkins: could not read Username for 'https://github.com': No such device or address
How to manage OAuth flow in mobile application with server
How to clone a directory from a remote repo in a Jenkins pipeline script?
Jenkins unable to fetch repo - code 255 permission denied
Jenkins won't trigger build after merging a pull request in GitHub
How to trigger a Jenkins build when a push is made to a private github repository
Store client secret securely
not been able to make Jenkins trigger a build when changes are pushed to Github
Jenkins Pipeline job isn't triggered on GitHub push
IP address of localhost:8080 -in webhooks of github +jenkins