How to disable CJOC authorization in CJE?

January 03, 2018 23:30

Issue

Changes to Identity Management Provider have locked out access to CJOC
No access to CJOC

Environment

CloudBees Jenkins Enterprise (CJE) - AWS/OpenStack/Anywhere
CloudBees Jenkins Enterprise - Managed Master (CJE-MM)
CloudBees Jenkins Enterprise - Operations Center (CJE-OC)

Resolution

Authentication for CJOC can be removed, if needed, by editing the config.xml file. However, in CJE additional steps are needed to ensure that changes are saved and restart is handled correctly.

1) Connect to the worker

First, run cje run find-worker-for cjoc to find out in which worker the container is running. In the following example it would be worker-2 for CJOC, Then ssh into the worker with

dna connect worker-2

2) Disable Security

Go to /mnt/cjoc/<containerid> in the file system and find config.xml file.
Open config.xml file in the vi editor.
Look for the <useSecurity>true</useSecurity> element in this file.
Replace true with false

4) Restart CJOC

Restart the CJOC worker - dna stop cjoc and dna start cjoc

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

2 Comments

Date Votes

0
Baptiste Mathus December 19, 2017 08:32
Not sure what you want, but in case your goal is to log into a given tenant, you can use the following
```
cje run ssh-into-tenant cjoc
```
For cjoc, it will always be named as such. For other tenants, you can list all applications using
```
$ cje run list-applications
elasticsearch.jce : worker-23 
cjoc.jce : worker-23 
castle.jce : worker-23 
palace.jce : worker-23 
e-commerce.teams.masters : worker-23 
digital-marketing.teams.masters : worker-23 
ux-team.teams.masters : worker-23 
supply-chain.teams.masters : worker-23 
```
And then take the part before the last dot as the tenant name. For instance above it would be e-commerce.teams, etc.
Permalink
0

Eric Long June 21, 2017 03:11

How do you find the TENANT_ID ?

Permalink

Please sign in to leave a comment.