Why I cannot log in directly on the Client masters when using JOC

Issue

  • I cannot log in directly on the Client masters when using JOC

 

Environment

  • CloudBees Jenkins Enterprise
  • CloudBees Jenkins Operations Center

 

Resolution

 

One of the key design features of Operations Center is to make it seem to users as “just one big Jenkins”. Thus, for example, the individual client masters get their breadcrumbs modified to show their context within the cluster, and the UX for users is that client masters feel just like folders. With features that we have added, such as triggering jobs across masters, there is even more scope for linking jobs across masters. There are other features on our backlog: copy/move jobs across masters, copy artifacts across masters, cluster-wide “my jobs” view for Operations Center, etc.

The net effect of all this is that of forcing users to login to other client masters as they navigate from one master to the other. Now at first glance this might seem like just a minor inconvenience for users… they just have to type in their username and password and that establishes a login session on the other master… but our usability testing has identified a major security risk from the feature you are asking for.

As users jump from one master to the other, they leave authenticated sessions on each of the masters that they visit. When they click the logout link on the last master they visit, they forget about all the other masters they have visited. Thus it becomes very easy for well intentioned users to leave an authenticated session for the previous masters that they visited. The single sign on feature that we implemented for Operations Center perhaps should more correctly be called “Single Sign Out” because when you click the logout button on one of the client masters, the session logout information is propagated to all of the client masters within 30 seconds (typically in less than 10s).

The SSO feature does not force users to start navigating from Operations Center, they can start navigation from the client master and the redirect to the login screen should send them back to the master they attempted to login from… From the user perspective the only difference they should see is that their login screen says “Operations Center” on the top banner, but they should have the same [click login] » [enter username and password] » [see the screen they clicked login from] UX that you get with a standalone Jenkins.

Finally, pushing RBAC configuration to client masters is predicated on all masters having the same security realm, which the SSO functionality ensures.

 

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.