How to allow agents to connect to Jenkins controller without "-secret" jnlp option?

About

Asked 8/4, 2016 at 14:46 Answered 10/4, 2016 at 5:7

Yesterday, my Jenkins controller (v 1.646, linux debian Jessie 8.3) was working and several agents was connecting on it via the jnlp command:

java -jar slave.jar -jnlpUrl http://myhost:8080/computer/bob-pc.local/slave-agent.jnlp

Now I guess something changed (war update ? plugin update ? security option changed ?) because now my agents cant connect anymore since the jnlp command is now :

java -jar slave.jar -jnlpUrl http://myhost:8080/computer/bob-pc.local/slave-agent.jnlp -secret rt435te435a208c7201d99f7b1e5dd9c044da86d12efd8527

The -secret ... part of the command is new and I cant figure out which change added this option.

How to allow agents to connect to Jenkins controller without "-secret" jnlp option ?

Evade answered 8/4, 2016 at 14:46 Comment(3)

Have you checked Enable security in Manage Jenkins > Global Security? You can try to turn it off. – Soaring 8/4, 2016 at 18:2

I switched "Configure Global Security > Authorization" to "Anyone can do anything" and it worked ! Best approach globally is to switch all security off and then reactivate them one by one. Post this as an answer if u want. – Evade 11/4, 2016 at 8:30

Try if mainframer's answer works first, as he indeed has a point in not having security enabled should only be used in rare cases as it poses high risks. – Soaring 11/4, 2016 at 9:25

This credential behavior is controlled by Matrix Authorization Strategy Plugin, this plugin is shipped with jenkins by default.

If you are the jenkins administrator, you can turn this off by following these steps:

Manage Jenkins -->Configure Global Security-->Access Control-->Authorization

Either in Matrix-based security or Project-based Matrix Authorization Strategy, make sure you you have checked the Connect options of Slave for Anonymous role.

Libbi answered 10/4, 2016 at 5:7 Comment(3)

"Matrix-based security" was activated but then I desactivated it : Manage Jenkins -->Configure Global Security-->Access Control-->Authorization ==> "Logged-in users can do anything". Jenkins restarted, nothing changed ! – Evade 11/4, 2016 at 8:29

You should either activate "Matrix-based security" or activate "Project-based Matrix Authorization Strategy" , not "Logged-in users can do anything". And in addition, no need to restart jenkins. – Libbi 11/4, 2016 at 9:14

it worked ! It activated "Matrix Authorization Strategy" and followed the mainframer tip. – Evade 11/4, 2016 at 10:55

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags