Anonymous access to JOC and the Client masters

Issue

  • You have configured your JOC with Client master security as “SSO (security realm an authorization strategy)” and authentication mapping as “Trusted master with equivalent security realm”.
  • Anonymous role has given the following permissions: 

Overall/Read 
Job/Read 
Job/Discover 
Job/Workspace 
View/Read

While authenticated access works fine, what you would like to achieve is that anonymous (non-authenticated) browsing is allowed. However, “curling” root URL of a master gives the following:

Authentication required
<!–
You are authenticated as: anonymous
Groups that you are in:

Permission you need to have (but didn’t): hudson.model.Hudson.Read
… which is implied by: hudson.security.Permission.GenericRead

 

Environment

  • CloudBees Jenkins Operations Center

 

Resolution

With the security settings you have any changes you made in the root context of a client master will be void since it’s read only at that level.

The filter is most likely set on the client master in JOC. You can change the roles and filters for the client master in JOC by opening the context menu for the client master in the list view and select Roles. From there you should be able to remove the filter on anonymous.
If it isn’t there the filter might be set on one of the parent folders.

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.