search

PatrickRoumanoff / nexus-crowd-plugin

Sonatype Nexus plugin for Atlassian Crowd integration
http://patrickroumanoff.github.io/nexus-crowd-plugin/
40 stars 20 forks source link

Unable to authenticate with any ID from Crowd #11

Closed anthonyyeong closed 10 years ago

anthonyyeong commented 10 years ago

I'm using Nexus 2.7.1-01 and Crowd 2.7.

After setting up the plugin (plugin 2.7.0) on my Nexus, I'm able to add some crowd users from "External User Role Mapping" with Nexus Administrator role assigned.

However, when i tried to login using those IDs, it kept displaying: "Incorrect username, password or no permission to use the Nexus User Interface. Try again"

I'm quite sure the credential is correct. If the password is wrong, it will display: "Incorrect username, password or no permission to use the Nexus User Interface. Try again. Please login before attempting further requests"

Please help...

PatrickRoumanoff commented 10 years ago

I haven't had a chance to test this release as this was a patch submitted by external contributors. I will run some test on my end.

flopma commented 10 years ago

Cannot test either as I have not yet migrated to 2.7. Anyway, can you add a screen shot of the permissions you gave to one of those problematic users ?

elm- commented 10 years ago

Does the login work when you use the "Test Authentication" feature within Crowd itself against the Nexus application?

anthonyyeong commented 10 years ago

Here you go, the screenshot:

[cid:image001.jpg@01CF16EB.E8B81EE0] nexususer

From: flopma [mailto:notifications@github.com] Sent: Tuesday, 21 January, 2014 8:59 PM To: PatrickRoumanoff/nexus-crowd-plugin Cc: Yeong Che Yee Anthony (NCS) Subject: Re: [nexus-crowd-plugin] Unable to authenticate with any ID from Crowd (#11)

Cannot test either as I have not yet migrated to 2.7. Anyway, can you add a screen shot of the permissions you gave to one of those problematic users ?

— Reply to this email directly or view it on GitHubhttps://github.com/PatrickRoumanoff/nexus-crowd-plugin/issues/11#issuecomment-32876888.

anthonyyeong commented 10 years ago

Yes. All tested working.

I’ve been setting Crowd for Jenkins, Sonar and SVN. All have been working good.

Nexus is the only one having this issue.

From: Elmar [mailto:notifications@github.com] Sent: Tuesday, 21 January, 2014 9:00 PM To: PatrickRoumanoff/nexus-crowd-plugin Cc: Yeong Che Yee Anthony (NCS) Subject: Re: [nexus-crowd-plugin] Unable to authenticate with any ID from Crowd (#11)

Does the login work when you use the "Test Authentication" feature within Crowd itself against the Nexus application?

— Reply to this email directly or view it on GitHubhttps://github.com/PatrickRoumanoff/nexus-crowd-plugin/issues/11#issuecomment-32879533.

MrCitron commented 10 years ago

I had the same issue until I had "OSS Crowd Authentication Realm" to the "Selected Realms" panel in the server/ security settings tab in Nexus.

flopma commented 10 years ago

You should not need to use the "External User Role Mapping" to add a crowd user into nexus.

1) select Crowd into the list of users set (All users, All configured users, ...) 2) lookup your user from crowd 3) use the role management in the detail pane to add/remove nexus role to your crowd user

anthonyyeong commented 10 years ago

I’ve done that too but result was the same. :(

From: Metin OSMAN [mailto:notifications@github.com] Sent: Tuesday, 21 January, 2014 9:13 PM To: PatrickRoumanoff/nexus-crowd-plugin Cc: Yeong Che Yee Anthony (NCS) Subject: Re: [nexus-crowd-plugin] Unable to authenticate with any ID from Crowd (#11)

I had the same issue until I had "OSS Crowd Authentication Realm" to the "Selected Realms" panel in the server/ security settings tab in Nexus.

— Reply to this email directly or view it on GitHubhttps://github.com/PatrickRoumanoff/nexus-crowd-plugin/issues/11#issuecomment-32883515.

anthonyyeong commented 10 years ago

I’ve tried that just now. I’ve first removed all crowd users and add back using your steps but result is negative.

From: flopma [mailto:notifications@github.com] Sent: Tuesday, 21 January, 2014 9:38 PM To: PatrickRoumanoff/nexus-crowd-plugin Cc: Yeong Che Yee Anthony (NCS) Subject: Re: [nexus-crowd-plugin] Unable to authenticate with any ID from Crowd (#11)

You should not need to use the "External User Role Mapping" to add a crowd user into nexus.

1) select Crowd into the list of users set (All users, All configured users, ...) 2) lookup your user from crowd 3) use the role management in the detail pane to add/remove nexus role to your crowd user

— Reply to this email directly or view it on GitHubhttps://github.com/PatrickRoumanoff/nexus-crowd-plugin/issues/11#issuecomment-32885228.

anthonyyeong commented 10 years ago

I've enable the trace logging.

Following steps are executed: 1) Login with "pilotuser" which is a nexus local user. Login Successful.

2) Login with "anthonyyeong" which is an ID from crowd directory. Login with correct password. Login failed. "Incorrect username, password or no permission to use the Nexus User Interface. Try again"

3) Login with "pilotuser" which is a nexus local user. Login Successful.

4) Login with "anthonyyeong" which is an ID from crowd directory. Login with incorrect password. Login failed. "Incorrect username, password or no permission to use the Nexus User Interface. Try again. Please login before attempting further requests"

The logs: https://drive.google.com/file/d/0B_BWNv9nPUfyZWNlSlhja1NUdG8/edit?usp=sharing

anthonyyeong commented 10 years ago

I've found the problem.

Apparently it's due to the groups (created in Crowd) that's tied to the Crowd ID.

I can authenticate right after mapping these crowd's group to nexus role. It can't be leave empty.