Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-21304

NPE - Reverse Proxy Authentication

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Our configuration is that users access Jenkins through an Apache2 reverse proxy that provides integrated browser authentication using Kerberos. Our Jenkins server is configured to use the reverse-proxy-auth to read the X-Forwarded-User HTTP header and set that as the Jenkins user identity.

      This has ran for over a year without any issues.

      Recently I updated to V1.546 of Jenkins. Any attempt to access Jenkins now results in a Null Pointer Exception on a page access, rendering this version of Jenkins totally unusable. I've attached the stack trace as a text file to preserve formatting.

      Having a brief look at the code, this is occurring on line 366 of the latest reverse-proxy-auth plugin (V1.3). This is simply calling the HTTPServletRequest.getHeader method to retrieve any user name passed in the HTTP request. This is coded to the API docs which state that if such a header does not exist then NULL will be returned.

      In V1.546, the implementation of this getHeader method has now started failing. I suspect this is a bug with the bundled version of the Jetty code rather than being a Jenkins code issue. I'll have a look at the code when I get a chance to trace this back but wanted to raise this in case anyone else experiences a similar issue and hopefully link it to any Jetty related bugs that might be raised.

        Attachments

          Activity

          Hide
          imakowski Ireneusz Makowski added a comment -

          I have the same here after upgrading of reverse-proxy-auth from 1.0.1 to 1.3. My Jenkins version is 1.532.1 (LTS)

          Here is stacktrace:
          java.lang.NullPointerException
          at winstone.WinstoneRequest.extractFirstHeader(WinstoneRequest.java:210)
          at winstone.WinstoneRequest.getHeader(WinstoneRequest.java:1199)
          at org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm$1.doFilter(ReverseProxySecurityRealm.java:324)
          at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
          at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
          at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
          at winstone.RequestDispatcher.forward(RequestDispatcher.java:331)
          at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:227)
          at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
          at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
          at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
          at java.util.concurrent.FutureTask.run(Unknown Source)
          at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
          at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
          at java.lang.Thread.run(Unknown Source)

          Show
          imakowski Ireneusz Makowski added a comment - I have the same here after upgrading of reverse-proxy-auth from 1.0.1 to 1.3. My Jenkins version is 1.532.1 (LTS) Here is stacktrace: java.lang.NullPointerException at winstone.WinstoneRequest.extractFirstHeader(WinstoneRequest.java:210) at winstone.WinstoneRequest.getHeader(WinstoneRequest.java:1199) at org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm$1.doFilter(ReverseProxySecurityRealm.java:324) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at winstone.FilterConfiguration.execute(FilterConfiguration.java:194) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366) at winstone.RequestDispatcher.forward(RequestDispatcher.java:331) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:227) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)
          Hide
          benurb Benjamin Urban added a comment - - edited

          Same here.
          1.0.1 is working fine, but 1.2 to 1.3.1 produce the following NPE:

          Jan 10, 2014 10:56:38 AM org.eclipse.jetty.util.log.JavaUtilLog warn
          WARNING:
          java.lang.NullPointerException
                  at org.eclipse.jetty.util.StringUtil.getBytes(StringUtil.java:378)
                  at org.eclipse.jetty.io.ByteArrayBuffer.<init>(ByteArrayBuffer.java:81)
                  at org.eclipse.jetty.io.ByteArrayBuffer$CaseInsensitive.<init>(ByteArrayBuffer.java:424)
                  at org.eclipse.jetty.io.BufferCache$CachedBuffer.<init>(BufferCache.java:134)
                  at org.eclipse.jetty.io.BufferCache.lookup(BufferCache.java:101)
                  at org.eclipse.jetty.http.HttpFields.getField(HttpFields.java:402)
                  at org.eclipse.jetty.http.HttpFields.getStringField(HttpFields.java:431)
                  at org.eclipse.jetty.server.Request.getHeader(Request.java:605)
                  at org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm$1.doFilter(ReverseProxySecurityRealm.java:324)
                  at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
                  at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
                  at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
                  at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
                  at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
                  at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474)
                  at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
                  at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
                  at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)
                  at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
                  at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
                  at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
                  at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
                  at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
                  at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
                  at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
                  at org.eclipse.jetty.server.Server.handle(Server.java:370)
                  at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489)
                  at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949)
                  at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011)
                  at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)
                  at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
                  at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
                  at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668)
                  at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
                  at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
                  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
                  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
                  at java.lang.Thread.run(Thread.java:724)
          

          Environment here is: Ubuntu 13.10 (x86_64), Jenkins 1.546 and 1.547

          Show
          benurb Benjamin Urban added a comment - - edited Same here. 1.0.1 is working fine, but 1.2 to 1.3.1 produce the following NPE: Jan 10, 2014 10:56:38 AM org.eclipse.jetty.util.log.JavaUtilLog warn WARNING: java.lang.NullPointerException at org.eclipse.jetty.util.StringUtil.getBytes(StringUtil.java:378) at org.eclipse.jetty.io.ByteArrayBuffer.<init>(ByteArrayBuffer.java:81) at org.eclipse.jetty.io.ByteArrayBuffer$CaseInsensitive.<init>(ByteArrayBuffer.java:424) at org.eclipse.jetty.io.BufferCache$CachedBuffer.<init>(BufferCache.java:134) at org.eclipse.jetty.io.BufferCache.lookup(BufferCache.java:101) at org.eclipse.jetty.http.HttpFields.getField(HttpFields.java:402) at org.eclipse.jetty.http.HttpFields.getStringField(HttpFields.java:431) at org.eclipse.jetty.server.Request.getHeader(Request.java:605) at org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm$1.doFilter(ReverseProxySecurityRealm.java:324) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:724) Environment here is: Ubuntu 13.10 (x86_64), Jenkins 1.546 and 1.547
          Hide
          turb Sylvain Veyrié added a comment -

          I have the same as Benjamin, that may to not be the same NPE than Martin and than Ireneusz (lots of NPE out there).

          After reverse proxy auth plugin upgrade (from 1.0.1 to 1.3.1) and restart, Jenkins always gives:

          java.lang.NullPointerException
          	at org.eclipse.jetty.util.StringUtil.getBytes(StringUtil.java:383)
          	at org.eclipse.jetty.io.ByteArrayBuffer.<init>(ByteArrayBuffer.java:81)
          	at org.eclipse.jetty.io.ByteArrayBuffer$CaseInsensitive.<init>(ByteArrayBuffer.java:424)
          	at org.eclipse.jetty.io.BufferCache$CachedBuffer.<init>(BufferCache.java:134)
          	at org.eclipse.jetty.io.BufferCache.lookup(BufferCache.java:101)
          	at org.eclipse.jetty.http.HttpFields.getField(HttpFields.java:402)
          	at org.eclipse.jetty.http.HttpFields.getStringField(HttpFields.java:431)
          	at org.eclipse.jetty.server.Request.getHeader(Request.java:605)
          	at org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm$1.doFilter(ReverseProxySecurityRealm.java:366)
          	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
          	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
          	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
          	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
          	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
          	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474)
          	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
          	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
          	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)
          	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
          	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
          	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
          	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
          	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
          	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
          	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
          	at org.eclipse.jetty.server.Server.handle(Server.java:370)
          	at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489)
          	at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949)
          	at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011)
          	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)
          	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
          	at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
          	at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668)
          	at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
          	at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
          	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
          	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
          	at java.lang.Thread.run(Thread.java:724)
          

          Debian wheezy
          Jenkins 1.545

          Revert to 1.0.1 solves the problem.

          BTW, I don't know how to find the Groovy line where the error is, using the line number printed in the stacktrace.

          Show
          turb Sylvain Veyrié added a comment - I have the same as Benjamin, that may to not be the same NPE than Martin and than Ireneusz (lots of NPE out there). After reverse proxy auth plugin upgrade (from 1.0.1 to 1.3.1) and restart, Jenkins always gives: java.lang.NullPointerException at org.eclipse.jetty.util.StringUtil.getBytes(StringUtil.java:383) at org.eclipse.jetty.io.ByteArrayBuffer.<init>(ByteArrayBuffer.java:81) at org.eclipse.jetty.io.ByteArrayBuffer$CaseInsensitive.<init>(ByteArrayBuffer.java:424) at org.eclipse.jetty.io.BufferCache$CachedBuffer.<init>(BufferCache.java:134) at org.eclipse.jetty.io.BufferCache.lookup(BufferCache.java:101) at org.eclipse.jetty.http.HttpFields.getField(HttpFields.java:402) at org.eclipse.jetty.http.HttpFields.getStringField(HttpFields.java:431) at org.eclipse.jetty.server.Request.getHeader(Request.java:605) at org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm$1.doFilter(ReverseProxySecurityRealm.java:366) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:724) Debian wheezy Jenkins 1.545 Revert to 1.0.1 solves the problem. BTW, I don't know how to find the Groovy line where the error is, using the line number printed in the stacktrace.
          Hide
          imakowski Ireneusz Makowski added a comment -

          I have the same... My is braking on isEmpty method on group checking...

          Show
          imakowski Ireneusz Makowski added a comment - I have the same... My is braking on isEmpty method on group checking...
          Hide
          turb Sylvain Veyrié added a comment -

          Still failing with Jenkins 1.558 and reverse-proxy-auth 1.3.3.

          Show
          turb Sylvain Veyrié added a comment - Still failing with Jenkins 1.558 and reverse-proxy-auth 1.3.3.
          Hide
          cfrohoff Chris Frohoff added a comment -

          This seems to be caused by older, incompatible Reverse Proxy Plugin config.xml data being bound into newer classes. Disabling security (https://wiki.jenkins-ci.org/display/JENKINS/Disable+security) and reconfiguring the Reverse Proxy Plugin Authentication (under Manage Jenkins > Configure Global Security) seems to fix the issue.

          Show
          cfrohoff Chris Frohoff added a comment - This seems to be caused by older, incompatible Reverse Proxy Plugin config.xml data being bound into newer classes. Disabling security ( https://wiki.jenkins-ci.org/display/JENKINS/Disable+security ) and reconfiguring the Reverse Proxy Plugin Authentication (under Manage Jenkins > Configure Global Security) seems to fix the issue.
          Hide
          turb Sylvain Veyrié added a comment -

          That's true.

          Instead of restart configuration from scratch, the proper workaround is to edit the config.xml file, et replace:

            <securityRealm class="org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm" plugin="reverse-proxy-auth-plugin@1.0.1">
              <header>X-Forwarded-User</header>
            </securityRealm>
          

          by:

            <securityRealm class="org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm" plugin="reverse-proxy-auth-plugin@1.3.3">
              <proxyTemplate/>
              <authContext/>
              <inhibitInferRootDN>false</inhibitInferRootDN>
              <userSearchBase></userSearchBase>
              <userSearch>uid={0}</userSearch>
              <authorities/>
              <forwardedUser>X-Forwarded-User</forwardedUser>
              <headerGroups>X-Forwarded-Groups</headerGroups>
              <headerGroupsDelimiter>|</headerGroupsDelimiter>
            </securityRealm>
          

          Still, this is a bug: the plugin should not do a NPE if it does not find either of proxyTemplate, authContext, inhibitInferRootDN, userSearchBase, userSearch, forwardedUser, headerGroups and headerGroupsDelimiter. Migrate from the previous configuration format should be the best thing to do.

          Show
          turb Sylvain Veyrié added a comment - That's true. Instead of restart configuration from scratch, the proper workaround is to edit the config.xml file, et replace: <securityRealm class= "org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm" plugin= "reverse-proxy-auth-plugin@1.0.1" > <header> X-Forwarded-User </header> </securityRealm> by: <securityRealm class= "org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm" plugin= "reverse-proxy-auth-plugin@1.3.3" > <proxyTemplate/> <authContext/> <inhibitInferRootDN> false </inhibitInferRootDN> <userSearchBase> </userSearchBase> <userSearch> uid={0} </userSearch> <authorities/> <forwardedUser> X-Forwarded-User </forwardedUser> <headerGroups> X-Forwarded-Groups </headerGroups> <headerGroupsDelimiter> | </headerGroupsDelimiter> </securityRealm> Still, this is a bug: the plugin should not do a NPE if it does not find either of proxyTemplate, authContext, inhibitInferRootDN, userSearchBase, userSearch, forwardedUser, headerGroups and headerGroupsDelimiter. Migrate from the previous configuration format should be the best thing to do.
          Hide
          wfollonier Wadeck Follonier added a comment -

          Due to the breaking changes introduced between 1.0.x and 1.3.x, such an update could be problematic, if you have some trouble you can follow the workaround proposed here. Otherwise open a new issue.

          Show
          wfollonier Wadeck Follonier added a comment - Due to the breaking changes introduced between 1.0.x and 1.3.x, such an update could be problematic, if you have some trouble you can follow the workaround proposed here. Otherwise open a new issue.

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            martin_css Martin Campbell
            Votes:
            7 Vote for this issue
            Watchers:
            12 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: