apropos kill errno and read the manual on the kill system call and the error codes. Operation not permitted is EPERM. Per man 2 kill:

For a process to have permission to send a signal, it must either be privileged (under Linux: have the CAP_KILL capability in the user namespace of the target process), or the real or effective user ID of the sending process must equal the real or saved set-user-ID of the target process.

Examine that PID versus the jenkins shell and see how the users are different. Also look at SELinux contexts with ps Z. Different users are in general a good thing; they provide better isolation, in this case between the deployment tool and the application it installs.

Consider running the application in a service manager. On systemd Linux systems like this, a service unit is a choice. After writing such a unit, you can give the jenkins user access to manage the unit via PolicyKit rules. And of course make the corresponding change to the jenkins scripts to run systemctl commands to manage the service. This will make the ps and kill commands obsolete, with better handling of unit processes.

Moving this into a service manager puts it in control of the user to run as. You can go further in hardening and enable PrivateUsers= or DynamicUser= on this unit, disconnecting the Java app user from the rest of the system entirely. jenkins can still stop and start the service.

The main disadvantage of going with systemd is that it is not portable. You will need some other solution for non-Linux systems.
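
A sketch of the unit and PolicyKit rule described above, added here as an example and not part of the original answer. The unit name myapp.service, the jar path /opt/myapp/app.jar and the rules file name are hypothetical; the rule assumes a polkit with JavaScript rules and a systemd new enough to pass the unit and verb details to polkit.

```shell
#!/bin/sh
# Added example. Hypothetical names: myapp.service, /opt/myapp/app.jar.
# Writes the unit and the polkit rule under a destination root so they can
# be reviewed before root copies them into place and runs daemon-reload.
stage_service_files() {
    dest=$1
    mkdir -p "$dest/etc/systemd/system" "$dest/etc/polkit-1/rules.d" || return 1

    # DynamicUser= gives the app a transient UID unrelated to jenkins;
    # the jar must be readable by that user (e.g. world-readable).
    cat > "$dest/etc/systemd/system/myapp.service" <<'EOF' || return 1
[Unit]
Description=Java application deployed by Jenkins
After=network.target

[Service]
ExecStart=/usr/bin/java -jar /opt/myapp/app.jar
DynamicUser=yes
# The JVM exits with 143 when stopped by SIGTERM; treat that as clean.
SuccessExitStatus=143
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF

    # Least privilege: jenkins may start/stop/restart this one unit only.
    cat > "$dest/etc/polkit-1/rules.d/50-jenkins-myapp.rules" <<'EOF'
polkit.addRule(function(action, subject) {
    var verbs = ["start", "stop", "restart"];
    if (action.id == "org.freedesktop.systemd1.manage-units" &&
        action.lookup("unit") == "myapp.service" &&
        verbs.indexOf(action.lookup("verb")) >= 0 &&
        subject.user == "jenkins") {
        return polkit.Result.YES;
    }
});
EOF
}

# Usage: sh stage-myapp.sh /tmp/stage   (then review the files as root)
# The Jenkins job then calls: systemctl restart myapp.service
if [ "$#" -gt 0 ]; then
    stage_service_files "$1"
fi
```

Because the rule matches on both the unit name and the verb, the jenkins user gains no ability to manage other units or to enable, disable or edit this one.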