jenkinsci / cas-plugin

Jenkins CAS Plugin
https://plugins.jenkins.io/cas-plugin/
MIT License

Fix login redirect loop caused by SECURITY-901 changes in Jenkins core #2

Closed fcrespel closed 5 years ago

fcrespel commented 5 years ago

As described in fcrespel/jenkins-cas-plugin#9, Jenkins 2.160 and 2.150.2 LTS introduced changes to fix SECURITY-901 issues, which broke the CAS plugin (and others) with an infinite redirect loop.

This PR changes the login flow to handle the Acegi SecurityContext mapping and call SecurityListener.fireAuthenticated() in doFinishLogin(), so that the user seed is properly stored in session.
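Added example, not code from this PR, the plugin or Jenkins core: a simplified Java model of the redirect loop the description above refers to. It assumes the core-side check treats a session with no matching stored seed as anonymous; every class, method and attribute name is hypothetical, and only the roles of doFinishLogin and fireAuthenticated come from the PR text.

```java
import java.util.HashMap;
import java.util.Map;

// Simplified model, NOT Jenkins or plugin code; all names below are hypothetical.
public class SeedLoopDemo {
    static final String SEED_ATTR = "sessionSeed"; // constructed attribute name
    // Constructed per-user seed store (server side).
    static final Map<String, String> userSeeds = new HashMap<>(Map.of("alice", "seed-1"));

    static class Session { final Map<String, Object> attrs = new HashMap<>(); }

    // Models the effect of firing the "authenticated" event: the user's seed is copied into the session.
    static void fireAuthenticated(Session s, String user) {
        s.attrs.put(SEED_ATTR, userSeeds.get(user));
    }

    // Models the SSO callback (the role doFinishLogin plays in the PR description).
    static void finishLogin(Session s, String user, boolean fireEvent) {
        s.attrs.put("user", user);
        if (fireEvent) fireAuthenticated(s, user);
    }

    // Assumed core-side check: a session whose seed is missing or does not match is treated as anonymous.
    static boolean isAuthenticated(Session s) {
        Object user = s.attrs.get("user");
        if (user == null) return false;
        String expected = userSeeds.get(user);
        if (expected == null || !expected.equals(s.attrs.get(SEED_ATTR))) {
            s.attrs.remove("user"); // authentication is discarded, user is sent back to login
            return false;
        }
        return true;
    }

    // Counts SSO round trips until a protected page is reachable; returns -1 if the cap is hit (loop).
    static int redirectsUntilAccess(boolean fireEvent, int cap) {
        Session s = new Session();
        int redirects = 0;
        while (!isAuthenticated(s) && redirects < cap) {
            redirects++; // redirect to the SSO server and back to the callback
            finishLogin(s, "alice", fireEvent);
        }
        return isAuthenticated(s) ? redirects : -1;
    }

    public static void main(String[] args) {
        System.out.println("callback without event: " + redirectsUntilAccess(false, 10));
        System.out.println("callback with event:    " + redirectsUntilAccess(true, 10));
    }
}
```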

fcrespel commented 5 years ago

@Wadeck as you seem to have been working on the user seed feature in Jenkins core, would you mind taking a look at this PR before I merge it and release a new version of this plugin?