'User is missing the Overall/Read permission' error with Jenkins GitHub OAuth Plugin

Question

I\'m using the github oauth plugin for our logins but for all of our users in the Organisation I get an error:

Access Denied

 is missing the Ov         


        

Answer 1

reset from <useSecurity>true</useSecurity> to <useSecurity>false</useSecurity> in config.xml and set the permission again.

Answer 2

The matrix security is not terribly clear. I am a member of a specific group in our org that has admin privileges however I am also an authenticated user. I would think that the one group super-cedes the other however I have to have both in order to actually log into the system and be admin. It's screwed up IMO.

Answer 3

• Go to $JENKINS_HOME (linux, jenkins in windows), and find config.xml file.
• Open this file in the editor. (take backup of .jenkins home)
• Look for the <useSecurity>true</useSecurity> element in this file.
• Replace "true" with "false"
• Remove the elements authorizationStrategy and securityRealm
• Start Jenkins

Answer 4

I edited the /var/lib/jenkins/config.xml file and replaced the

<authorizationStrategy>...</authorizationStrategy> 

with

<authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy">
    <denyAnonymousReadAccess>true</denyAnonymousReadAccess>
</authorizationStrategy>

It is the default settings after installation. Then restart the jenkins service.

Answer 5

Have you followed this step, from the plugin page?

Control user authorization (i.e. who is allowed to see the jobs and build them) using the Github Commiter Authorization Strategy

Also, make sure you actually allow authenticated users to access Jenkins

• Under Jenkins global configuration, under Authorization, add user/group called authenticated
• Give that group Overall Read permission
• The group should show up with a "group" icon (two users), as opposed to single user icon.

Answer 6

The assignment of roles to users is stored in config.xml file. Add the ID of the user directly to the role and then restart Jenkins.

In my case, I have a role named editor and a bunch of users assigned to the role.

 <role name="editor" pattern=".*">
     <permissions>
         <...>
         <permission>hudson.model.Item.Create</permission>
         <permission>hudson.model.Item.Workspace</permission>
         <permission>...</permission>
     </permissions>
     <assignedSIDs>
         <sid>bob</sid>
         <sid>alice</sid>
         <sid>**newuser**</sid>   
     </assignedSIDs>
  </role>