Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-11172

/signup creates exception if using LDAP authentication and project based matrix authorization

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • core
    • None
    • Ubuntu 11.04 and tomcat6 as container, using project-based matrix authorization and LDAP auth

      Since users are checked against LDAP, users cannot signup, so going to http://server/signup causes an internal server error:

      javax.servlet.ServletException: java.lang.NullPointerException
      org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:603)
      org.kohsuke.stapler.Stapler.invoke(Stapler.java:646)
      org.kohsuke.stapler.Stapler.invoke(Stapler.java:477)
      org.kohsuke.stapler.Stapler.service(Stapler.java:159)
      javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:95)
      hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:87)
      hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:85)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
      hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:166)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:61)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
      hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
      hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
      root cause

      java.lang.NullPointerException
      jenkins.model.Jenkins.doSignup(Jenkins.java:3169)
      sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      java.lang.reflect.Method.invoke(Method.java:616)
      org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:282)
      org.kohsuke.stapler.Function.bindAndInvoke(Function.java:149)
      org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:88)
      org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:104)
      org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
      org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:561)
      org.kohsuke.stapler.Stapler.invoke(Stapler.java:646)
      org.kohsuke.stapler.Stapler.invoke(Stapler.java:477)
      org.kohsuke.stapler.Stapler.service(Stapler.java:159)
      javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:95)
      hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:87)
      hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:85)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
      hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:166)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:61)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
      hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
      hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
      hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)

          [JENKINS-11172] /signup creates exception if using LDAP authentication and project based matrix authorization

          evernat added a comment -

          Is it reproduced with a recent Jenkins version?

          evernat added a comment - Is it reproduced with a recent Jenkins version?

          Yes. I have the latest Jenkins version and a similar setup. Authentication is set up using LDAP. I also use XSS protection.

          There is no "Signup" link on the website, but going to http://yourserver/signup gives the following exception:

          Status Code: 500

          Exception: java.lang.NullPointerException
          Stacktrace:
          javax.servlet.ServletException: java.lang.NullPointerException
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:615)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:658)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:487)
          at org.kohsuke.stapler.Stapler.service(Stapler.java:164)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:45)
          at winstone.ServletConfiguration.execute(ServletConfiguration.java:248)
          at winstone.RequestDispatcher.forward(RequestDispatcher.java:333)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:376)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:95)
          at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:87)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:47)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
          at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:166)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:63)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
          at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
          at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
          at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:50)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at winstone.RequestDispatcher.forward(RequestDispatcher.java:331)
          at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:215)
          at winstone.RequestHandlerThread.run(RequestHandlerThread.java:138)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
          at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
          at java.util.concurrent.FutureTask.run(FutureTask.java:166)
          at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
          at java.lang.Thread.run(Thread.java:679)
          Caused by: java.lang.NullPointerException
          at jenkins.model.Jenkins.doSignup(Jenkins.java:3344)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:616)
          at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:288)
          at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:151)
          at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:90)
          at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:111)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:573)
          ... 52 more

          Cristian Zamfir added a comment - Yes. I have the latest Jenkins version and a similar setup. Authentication is set up using LDAP. I also use XSS protection. There is no "Signup" link on the website, but going to http://yourserver/signup gives the following exception: Status Code: 500 Exception: java.lang.NullPointerException Stacktrace: javax.servlet.ServletException: java.lang.NullPointerException at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:615) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:658) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:487) at org.kohsuke.stapler.Stapler.service(Stapler.java:164) at javax.servlet.http.HttpServlet.service(HttpServlet.java:45) at winstone.ServletConfiguration.execute(ServletConfiguration.java:248) at winstone.RequestDispatcher.forward(RequestDispatcher.java:333) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:376) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:95) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:87) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:47) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:166) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:63) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:50) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at winstone.RequestDispatcher.forward(RequestDispatcher.java:331) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:215) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:138) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:679) Caused by: java.lang.NullPointerException at jenkins.model.Jenkins.doSignup(Jenkins.java:3344) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:288) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:151) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:90) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:111) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:573) ... 52 more

          Daniel Beck added a comment -

          Nothing links there, and it doesn't break anything. Just doesn't look nice.

          Daniel Beck added a comment - Nothing links there, and it doesn't break anything. Just doesn't look nice.

          Code changed in jenkins
          User: Daniel Beck
          Path:
          core/src/main/java/jenkins/model/Jenkins.java
          core/src/main/resources/hudson/security/SecurityRealm/signup.jelly
          http://jenkins-ci.org/commit/jenkins/277b17758e7b3790a2fdfd00bd576caa655da061
          Log:
          [FIXED JENKINS-11172] Don't throw exception on /signup when not possible

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: core/src/main/java/jenkins/model/Jenkins.java core/src/main/resources/hudson/security/SecurityRealm/signup.jelly http://jenkins-ci.org/commit/jenkins/277b17758e7b3790a2fdfd00bd576caa655da061 Log: [FIXED JENKINS-11172] Don't throw exception on /signup when not possible

          Code changed in jenkins
          User: Daniel Beck
          Path:
          core/src/main/resources/hudson/security/SecurityRealm/signup.jelly
          http://jenkins-ci.org/commit/jenkins/8d60595fcedffe947a08be097bc906134118983f
          Log:
          JENKINS-11172 Return HTTP 404 on /signup URL if not possible

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: core/src/main/resources/hudson/security/SecurityRealm/signup.jelly http://jenkins-ci.org/commit/jenkins/8d60595fcedffe947a08be097bc906134118983f Log: JENKINS-11172 Return HTTP 404 on /signup URL if not possible

          Code changed in jenkins
          User: Jesse Glick
          Path:
          changelog.html
          core/src/main/java/jenkins/model/Jenkins.java
          core/src/main/resources/hudson/security/SecurityRealm/signup.jelly
          http://jenkins-ci.org/commit/jenkins/78cb49b86acef25f32e8ea01caf91023e27820a6
          Log:
          JENKINS-11172 Noting merge of #1388.

          Compare: https://github.com/jenkinsci/jenkins/compare/aa72b264dc6d...78cb49b86ace

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: changelog.html core/src/main/java/jenkins/model/Jenkins.java core/src/main/resources/hudson/security/SecurityRealm/signup.jelly http://jenkins-ci.org/commit/jenkins/78cb49b86acef25f32e8ea01caf91023e27820a6 Log: JENKINS-11172 Noting merge of #1388. Compare: https://github.com/jenkinsci/jenkins/compare/aa72b264dc6d...78cb49b86ace

          dogfood added a comment -

          Integrated in jenkins_main_trunk #3890
          [FIXED JENKINS-11172] Don't throw exception on /signup when not possible (Revision 277b17758e7b3790a2fdfd00bd576caa655da061)
          JENKINS-11172 Return HTTP 404 on /signup URL if not possible (Revision 8d60595fcedffe947a08be097bc906134118983f)

          Result = SUCCESS
          daniel-beck : 277b17758e7b3790a2fdfd00bd576caa655da061
          Files :

          • core/src/main/java/jenkins/model/Jenkins.java
          • core/src/main/resources/hudson/security/SecurityRealm/signup.jelly

          daniel-beck : 8d60595fcedffe947a08be097bc906134118983f
          Files :

          • core/src/main/resources/hudson/security/SecurityRealm/signup.jelly

          dogfood added a comment - Integrated in jenkins_main_trunk #3890 [FIXED JENKINS-11172] Don't throw exception on /signup when not possible (Revision 277b17758e7b3790a2fdfd00bd576caa655da061) JENKINS-11172 Return HTTP 404 on /signup URL if not possible (Revision 8d60595fcedffe947a08be097bc906134118983f) Result = SUCCESS daniel-beck : 277b17758e7b3790a2fdfd00bd576caa655da061 Files : core/src/main/java/jenkins/model/Jenkins.java core/src/main/resources/hudson/security/SecurityRealm/signup.jelly daniel-beck : 8d60595fcedffe947a08be097bc906134118983f Files : core/src/main/resources/hudson/security/SecurityRealm/signup.jelly

            danielbeck Daniel Beck
            zamf Cristian Zamfir
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: