Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-11644

Active Directory plugin 1.21 and Jenkins 1.437 causes Error 500

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Major
    • Resolution: Fixed
    • None
    • Master - Windows 2003 running as a service
      Web browser - Firefox 7.01, and Chrome 17.0928
      Jenkins Active Directoy Plugin version 1.21

    Description

      When I log into Jenkins it seems to be ok, but after browsing around for a bit, I start to get exceptions. I've attached the Jenkins log, and the web browser stack trace.

      I do have a AD group and 3 AD users configured as admins in Jenkins, but they are not AD admins. I can login successfully, and I check the "remember me on this computer" button on the login. Once I get the error 500, I have to clear the browser cookie to be able to see Jenkins again.
      This was working with Jenkins 1.430 and AD Plugin 1.19
      Reverting back to AD plugin 1.19 but keeping Jenkins 1.437 seems to resolve the issue.

      Attachments

        Activity

          aflat aflat created issue -
          peterloron Peter Loron added a comment -

          I am also seeing this error. My setup was working fine on 1.436 and AD 1.20.

          peterloron Peter Loron added a comment - I am also seeing this error. My setup was working fine on 1.436 and AD 1.20.

          It's failing to retrieve the 'tokenGroups' attribute which lists all the groups the user belongs to.

          The 500 error you attached seems to come from the login page. But you say "after browsing around for a bit, you start to get exceptions", which seems to imply that you get this error on pages other than login. Can you clarify?

          kohsuke Kohsuke Kawaguchi added a comment - It's failing to retrieve the 'tokenGroups' attribute which lists all the groups the user belongs to. The 500 error you attached seems to come from the login page. But you say "after browsing around for a bit, you start to get exceptions", which seems to imply that you get this error on pages other than login. Can you clarify?
          peterloron Peter Loron added a comment -

          I see the errors in the log (especially the "Caused by: org.acegisecurity.AuthenticationServiceException: Unable to retrieve the user information without bind DN/password configured" error).

          This happens at some point shortly after initially logging in. I see it when I visit the Configure page for a project and Jenkins has to check permissions. As far as I know it has nothing to do with the login page itself, but rather the AD plugin or a change in Jenkins.

          peterloron Peter Loron added a comment - I see the errors in the log (especially the "Caused by: org.acegisecurity.AuthenticationServiceException: Unable to retrieve the user information without bind DN/password configured" error). This happens at some point shortly after initially logging in. I see it when I visit the Configure page for a project and Jenkins has to check permissions. As far as I know it has nothing to do with the login page itself, but rather the AD plugin or a change in Jenkins.

          Code changed in jenkins
          User: Kohsuke Kawaguchi
          Path:
          src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java
          http://jenkins-ci.org/commit/active-directory-plugin/87c69c3da87f6b7e573a3aee1b0cf6c33eec83d2
          Log:
          JENKINS-11644 avoid NPE even if tokenGroups fail to retrieve, so that we can diagnose this further.

          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Kohsuke Kawaguchi Path: src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java http://jenkins-ci.org/commit/active-directory-plugin/87c69c3da87f6b7e573a3aee1b0cf6c33eec83d2 Log: JENKINS-11644 avoid NPE even if tokenGroups fail to retrieve, so that we can diagnose this further.
          dogfood dogfood added a comment -

          Integrated in plugins_active-directory #44
          JENKINS-11644 avoid NPE even if tokenGroups fail to retrieve, so that we can diagnose this further.

          Kohsuke Kawaguchi :
          Files :

          • src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java
          dogfood dogfood added a comment - Integrated in plugins_active-directory #44 JENKINS-11644 avoid NPE even if tokenGroups fail to retrieve, so that we can diagnose this further. Kohsuke Kawaguchi : Files : src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java
          aflat aflat added a comment -

          I don't see it right after I log in. I can configure a job, and then some elements on the configure page start to show Error 500. Then going back to the main page, all I see is Error 500 with the stack trace. So it does take a bit to appear, around 30-60 seconds or so.

          aflat aflat added a comment - I don't see it right after I log in. I can configure a job, and then some elements on the configure page start to show Error 500. Then going back to the main page, all I see is Error 500 with the stack trace. So it does take a bit to appear, around 30-60 seconds or so.
          aflat aflat added a comment -

          Looks like you resolved the issue with 1.22, thanks!

          aflat aflat added a comment - Looks like you resolved the issue with 1.22, thanks!

          Marking as fixed as suggested.

          kohsuke Kohsuke Kawaguchi added a comment - Marking as fixed as suggested.
          kohsuke Kohsuke Kawaguchi made changes -
          Field Original Value New Value
          Resolution Fixed [ 1 ]
          Status Open [ 1 ] Resolved [ 5 ]
          rtyler R. Tyler Croy made changes -
          Workflow JNJira [ 141887 ] JNJira + In-Review [ 189860 ]

          People

            Unassigned Unassigned
            aflat aflat
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: