-
Bug
-
Resolution: Not A Defect
-
Major
-
None
-
RHEL 5
I attempted to configure the active-directory plugin in various ways and saw many failures when clicking the Test button. Eventually I succeeded in a Test by specifying the correct domain name and leaving all the Advanced fields blank. But upon clicking Save, the Oops page came up displaying the following error:
org.jvnet.hudson.reactor.ReactorException: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationManager': Cannot create inner bean '(inner bean)' of type [org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider] while setting bean property 'providers' with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: [Assertion failed] - this String argument must have length; it must not be null or empty
at org.jvnet.hudson.reactor.Reactor.execute(Reactor.java:246)
at jenkins.InitReactorRunner.run(InitReactorRunner.java:43)
at jenkins.model.Jenkins.executeReactor(Jenkins.java:910)
at jenkins.model.Jenkins.<init>(Jenkins.java:806)
at hudson.model.Hudson.<init>(Hudson.java:81)
at hudson.model.Hudson.<init>(Hudson.java:77)
at hudson.WebAppMain$3.run(WebAppMain.java:221)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationManager': Cannot create inner bean '(inner bean)' of type [org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider] while setting bean property 'providers' with key [1]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: [Assertion failed] - this String argument must have length; it must not be null or empty
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:230)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:122)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:287)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:126)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1245)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1010)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:472)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
at java.security.AccessController.doPrivileged(Native Method)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:429)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:728)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:380)
at hudson.util.spring.DefaultRuntimeSpringConfiguration.getApplicationContext(DefaultRuntimeSpringConfiguration.java:94)
at hudson.util.spring.BeanBuilder.createApplicationContext(BeanBuilder.java:388)
at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.createSecurityComponents(ActiveDirectorySecurityRealm.java:131)
at hudson.security.SecurityRealm.getSecurityComponents(SecurityRealm.java:398)
at hudson.security.HudsonFilter.reset(HudsonFilter.java:134)
at jenkins.model.Jenkins.setSecurityRealm(Jenkins.java:2050)
at jenkins.model.Jenkins$20.run(Jenkins.java:2618)
at org.jvnet.hudson.reactor.TaskGraphBuilder$TaskImpl.run(TaskGraphBuilder.java:146)
at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:259)
at jenkins.model.Jenkins$7.runTask(Jenkins.java:899)
at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:187)
at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:94)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:701)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: [Assertion failed] - this String argument must have length; it must not be null or empty
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1338)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:473)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
at java.security.AccessController.doPrivileged(Native Method)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:219)
... 32 more
Caused by: java.lang.IllegalArgumentException: [Assertion failed] - this String argument must have length; it must not be null or empty
at org.springframework.util.Assert.hasLength(Assert.java:136)
at org.springframework.util.Assert.hasLength(Assert.java:148)
at org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider.afterPropertiesSet(RememberMeAuthenticationProvider.java:56)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1369)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1335)
... 37 more
And now, after restarting Jenkins, it fails to start and displays this same error with no way to get back to my previous configuration (no security configured).
Also, there was no option to choose a version other than 'current'. I'm actually running 1.532.1, but didn't see anything related in the change logs, so I haven't tried upgrading to the latest.
[JENKINS-21583] Attempting to configure the active-directory plugin caused an error that now prevents Jenkins from starting up
Robert Campbell
added a comment - I've looked through some source. Looks like the acegi RememberMeAuthenticationProvider only takes a 'key' parameter from Spring. So that has to be the culprit that is being sent in null or empty. Then I found the call in the active-directory plugin in a groovy script:
...
bean(RememberMeAuthenticationProvider) {
key = Hudson.getInstance().getSecretKey();
},
...
But nothing in the active-directory plugin ever sets the SecretKey, unless it is a side effect of a call that I haven't noticed. So I'm not sure what is causing getSecretKey to return null or an empty string.
Robert Campbell
added a comment - I've looked through some source. Looks like the acegi RememberMeAuthenticationProvider only takes a 'key' parameter from Spring. So that has to be the culprit that is being sent in null or empty. Then I found the call in the active-directory plugin in a groovy script:
...
bean(RememberMeAuthenticationProvider) {
key = Hudson.getInstance().getSecretKey();
},
...
But nothing in the active-directory plugin ever sets the SecretKey, unless it is a side effect of a call that I haven't noticed. So I'm not sure what is causing getSecretKey to return null or an empty string. Robert Campbell
added a comment - I'm learning slowly. So I have no clue how my secret.key file got hosed. But it was empty. I removed it and Jenkins generated a new one and I'm able to save my configuration now. I guess it could be anything that corrupted my secret.key file, even something long ago and it only manifested now. So I'll close this issue.
Robert Campbell
added a comment - I'm learning slowly. So I have no clue how my secret.key file got hosed. But it was empty. I removed it and Jenkins generated a new one and I'm able to save my configuration now. I guess it could be anything that corrupted my secret.key file, even something long ago and it only manifested now. So I'll close this issue. 
I followed the instructions here: https://wiki.jenkins-ci.org/display/JENKINS/Disable+security and I have a workable server back in its original non-secured state. So I've lowered the priority.
But with a fresh start, modifying only the Domain Name and getting a successful Test, I Save the security configuration and get the same error and the same hosed Jenkins configuration. The relevant portion of the config.xml is as follows:
I'm guessing the error comes from having a bindPassword without a Bind DN to go with it. I tried removing the bindPassword from the config.xml, but that gave me a similar error. So is there a way to configure the active-directory plugin without specifying the Bind DN/Password?