Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-21188

Build Pipeline Plugin (1.4.2) throws ServletException: Need to log in to access <project> for not-logged in users

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • build-pipeline-plugin
    • Jenkins v1.545 in Tomcat 6 on Mandriva Linux 2010.1
      Auth Realm: Matrix Auth plugin

      When a not-logged-in user tries to view the start page, a big StackTrace indicating that they don't have access to some job appears. (This is actually true)
      For an user with access to all plugins, everything is shown properly.
      This issue appeared immediately after I updated my Build Pipeline Plugin from 1.4.1 to 1.4.2 and the plugin also appears in the StackTrace.

      This is the StackTrace I get: http://pastebin.com/jNz8E4qw
      This is what the User interface looks like for not-logged-in users: http://screencloud.net/img/screenshots/a45ce4757a1b6ef7dfe3006e08900557.png
      This is what is looks like for a user with access to all jobs: http://screencloud.net//img/screenshots/ba953d7c92a35ec2dd10dbfb72734537.png

          [JENKINS-21188] Build Pipeline Plugin (1.4.2) throws ServletException: Need to log in to access <project> for not-logged in users

          Also same problem.

          The combination to reproduce this problem is:

          • Jenkins 1.554.2
          • Build pipeline plugin 1.4.2 or higher. I tried it with 1.4.3 and 1.4.4-snapshot (27.06.2014)
          • Enabled security with 'Role-Based Strategy'
          1. Create a global role for all users with Overall: read, Job: discovery, View: read permission and assign it to all your users;
          2. Create project roles with Job: read and whatever else you need and assign it selected users;
          3. Create a build pipeline view and you will get the error for all the users who do not have Job: read for the job with build pipeline.

          Works like a charm with Build pipeline v 1.4.1

          Jānis Balodis added a comment - Also same problem. The combination to reproduce this problem is: Jenkins 1.554.2 Build pipeline plugin 1.4.2 or higher. I tried it with 1.4.3 and 1.4.4-snapshot (27.06.2014) Enabled security with 'Role-Based Strategy' Create a global role for all users with Overall: read, Job: discovery, View: read permission and assign it to all your users; Create project roles with Job: read and whatever else you need and assign it selected users; Create a build pipeline view and you will get the error for all the users who do not have Job: read for the job with build pipeline. Works like a charm with Build pipeline v 1.4.1

          Please try reproduce with latest version and provide stacktrace

          Kanstantsin Shautsou added a comment - Please try reproduce with latest version and provide stacktrace

          Philipp Nowak added a comment -

          I have been able to reproduce this issue with Build Pipeline Plugin 1.4.7 (latest version available according to 'Manage Plugins') just now.
          There is still a stacktrace visible to users who are not logged in, (http://pastebin.com/NPazchYK) while users with appropriate access permissions are still able to access the page no problem.
          (The environment has changed to CentOS 7.1, [Linux 3.10.0-229.1.2.el7.x86_64] with Jenkins 1.606)

          Philipp Nowak added a comment - I have been able to reproduce this issue with Build Pipeline Plugin 1.4.7 (latest version available according to 'Manage Plugins') just now. There is still a stacktrace visible to users who are not logged in, ( http://pastebin.com/NPazchYK ) while users with appropriate access permissions are still able to access the page no problem. (The environment has changed to CentOS 7.1, [Linux 3.10.0-229.1.2.el7.x86_64] with Jenkins 1.606)

          Hi, your stacktrace doesn't contain a NPE. This may be a separate issue

          Kanstantsin Shautsou added a comment - Hi, your stacktrace doesn't contain a NPE. This may be a separate issue

          Tim Preston added a comment -

          Experiencing this issue with plugin 1.4.7 on Jenkins 1.609 and we're using Project-based Matrix Authorization Strategy for security. When experiencing this issue, however, all my users see is a blank Jenkins screen (no jobs listed) when accessing the default system "All" view, not a stacktrace. The stacktrace is only seen in the system logs (for example: http://pastebin.com/7snZ838E).

          Since I need to have the plugin installed, the only way that I've been able to get around the issue is to NOT create "global" Build Pipeline views and only have the users create "private" Build Pipeline views, if needed.

          The gist of the problem seems to be: If any global Build Pipeline views exist and the current user does not have access to a job in any of the views, they will get the blank Jenkins screen.

          Tim Preston added a comment - Experiencing this issue with plugin 1.4.7 on Jenkins 1.609 and we're using Project-based Matrix Authorization Strategy for security. When experiencing this issue, however, all my users see is a blank Jenkins screen (no jobs listed) when accessing the default system "All" view, not a stacktrace. The stacktrace is only seen in the system logs (for example: http://pastebin.com/7snZ838E ). Since I need to have the plugin installed, the only way that I've been able to get around the issue is to NOT create "global" Build Pipeline views and only have the users create "private" Build Pipeline views, if needed. The gist of the problem seems to be: If any global Build Pipeline views exist and the current user does not have access to a job in any of the views, they will get the blank Jenkins screen.

          tpreston you log says

           Please login to access job xyca~Commit and Test Stage

          Kanstantsin Shautsou added a comment - tpreston you log says Please login to access job xyca~Commit and Test Stage

          Tim Preston added a comment -

          The user is logged in, they just don't have access to that particular job.

          Tim Preston added a comment - The user is logged in, they just don't have access to that particular job.

          Philipp Nowak added a comment -

          I can't seem to reproduce this any more in my fresh Jenkins install - I can access the start page without logging in now even though there's a global Build Pipeline View with restricted jobs in it. (It's now correctly hidden from the view list)
          Versions: Build Pipeline v1.4.7, Jenkins 1.627, Debian 8, Tomcat 8

          Philipp Nowak added a comment - I can't seem to reproduce this any more in my fresh Jenkins install - I can access the start page without logging in now even though there's a global Build Pipeline View with restricted jobs in it. (It's now correctly hidden from the view list) Versions: Build Pipeline v1.4.7, Jenkins 1.627, Debian 8, Tomcat 8

          xxyy Do you agree if we close this issue?

          Manuel Recena Soto added a comment - xxyy Do you agree if we close this issue?

          Philipp Nowak added a comment -

          Yes, since I can't reproduce it any more.

          Philipp Nowak added a comment - Yes, since I can't reproduce it any more.

            recena Manuel Recena Soto
            xxyy Philipp Nowak
            Votes:
            8 Vote for this issue
            Watchers:
            12 Start watching this issue

              Created:
              Updated:
              Resolved: