- The SAML plugin started failing after migrating to version 220.127.116.11 or greater.
- CloudBees Core is using
- In the log you should see traces resembling:
INFO o.p.s.m.SAML2ServiceProviderMetadataResolver#<init>: Using SP entity ID https://<domain>/cjoc/securityRealm/finishLogin
- CloudBees Core
- CloudBees Core on modern cloud platforms - Managed Master
- CloudBees Core on modern cloud platforms - Operations Center
- SAML Plugin
The explanation for this failure is that the CloudBees Core default scheme for the Jenkins location was changed from
The SAML plugin is using the Jenkins location (
http) to listen for the answer of the SAML provider, which itself answers use the real scheme (
The solution is to make sure the Jenkins location is correct.
You can do so by editing the
kubectl edit configmap cjoc-configure-jenkins-groovy.
In the data section of the
ConfigMap locate the
jenkins.model.JenkinsLocationConfiguration.get().setUrl call and make sure it uses
- CloudBees Core version
- SAML Plugin in the envelope of this version.