Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-17581

Using the API Token beyond 496 causes intermittent 500 errors

    XMLWordPrintable

Details

    Description

      After upgrading to 509 from 496, my service accounts that use the api token stopped working all the time, giving 500 errors about 1/2 the time. I tracked it down to the AD plugin complaining that the user couldn't bind correctly (which is correct as it was passing the api token).

      Switching from the AD plugin to straight LDAP fixed the issue. My best guess would be that the filters that handle the plugin and the apitoken are getting fired at different times. I stopped looking at it though once moving to LDAP solved the issue.

      thanks!

      Attachments

        Issue Links

          Activity

            Any chance you can attach the stack trace?

            kohsuke Kohsuke Kawaguchi added a comment - Any chance you can attach the stack trace?
            herque herque added a comment -

            Stack trace of bind failure. This happens when using api-token which should bypass other authentication mechanisms.

            herque herque added a comment - Stack trace of bind failure. This happens when using api-token which should bypass other authentication mechanisms.
            herque herque added a comment -

            Some more history.

            environment that didn't work
            RHEL 5.5
            Tomcat 7.0.26
            jenkins version 509/510 with latest AD plugin

            I first noticed the issue because or post commit hook stopped working and while debugging that realized that the call was sometimes getting a 500 error. It was pretty random, would work 3-4 times then would not work 3-4 times. I put a loop in the hook to try ten times checking to make sure wget has a 0 exit. Although not ideal, it got my working.

            However this wasn't a good solution (obviously) so I thought to try out straight ldap and it worked as expected.

            herque herque added a comment - Some more history. environment that didn't work RHEL 5.5 Tomcat 7.0.26 jenkins version 509/510 with latest AD plugin I first noticed the issue because or post commit hook stopped working and while debugging that realized that the call was sometimes getting a 500 error. It was pretty random, would work 3-4 times then would not work 3-4 times. I put a loop in the hook to try ten times checking to make sure wget has a 0 exit. Although not ideal, it got my working. However this wasn't a good solution (obviously) so I thought to try out straight ldap and it worked as expected.
            jameshowe James Howe added a comment - - edited

            This is another presentation of JENKINS-14057 ?

            jameshowe James Howe added a comment - - edited This is another presentation of JENKINS-14057 ?
            jameshowe James Howe added a comment -

            Setting a Bind DN is a work-around for this issue.

            jameshowe James Howe added a comment - Setting a Bind DN is a work-around for this issue.

            People

              Unassigned Unassigned
              herque herque
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated: