Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-22368

Discovery fails when Jenkins is behind a proxy

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • openid-plugin
    • None
    • Ubuntu 12.04 x86_64
      Google Apps

      The OpenId plugin doesn't work properly when attempting to discover the provider. My specific case is with the Google provider. I confirmed that I could access the URL with Jenkins by testing the Google URL in the proxy settings screen (I have also been downloading plugins, etc). Upon inspection of the code, I noticed that the constructor that calls the discovery method in openid4java never initialized the proxy settings for HttpClient with the HttpClientFactory. This was only occurring in the getManager() method. Here is an example of the log entry. 

      Mar 24, 2014 3:37:46 PM org.apache.catalina.core.ApplicationContext log
SEVERE: Error while serving http://someserver.mydomain.com/jenkins/configureSecurity/configure
java.lang.reflect.InvocationTargetException
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:601)
	at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298)
	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161)
	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96)
	at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:120)
	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
	at org.kohsuke.stapler.MetaClass$12.dispatch(MetaClass.java:390)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:631)
	at org.kohsuke.stapler.Stapler.service(Stapler.java:225)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:96)
	at hudson.plugins.greenballs.GreenBallFilter.doFilter(GreenBallFilter.java:58)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:99)
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:203)
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:181)
	at net.bull.javamelody.PluginMonitoringFilter.doFilter(PluginMonitoringFilter.java:86)
	at org.jvnet.hudson.plugins.monitoring.HudsonMonitoringFilter.doFilter(HudsonMonitoringFilter.java:90)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:99)
	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:88)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
	at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:312)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at java.lang.Thread.run(Thread.java:722)
Caused by: java.lang.RuntimeException: Failed to instantiate class hudson.plugins.openid.GoogleAppSsoSecurityRealm from {"value":"2","stapler-class":"hudson.plugins.openid.GoogleAppSsoSecurityRealm","domain":"mydomain.com"}
	at hudson.model.Descriptor.newInstance(Descriptor.java:576)
	at hudson.DescriptorExtensionList.newInstanceFromRadioList(DescriptorExtensionList.java:137)
	at hudson.DescriptorExtensionList.newInstanceFromRadioList(DescriptorExtensionList.java:141)
	at hudson.security.GlobalSecurityConfiguration.configure(GlobalSecurityConfiguration.java:95)
	at hudson.security.GlobalSecurityConfiguration.doConfigure(GlobalSecurityConfiguration.java:79)
	... 58 more
Caused by: java.lang.IllegalArgumentException: Failed to instantiate class hudson.plugins.openid.GoogleAppSsoSecurityRealm from {"value":"2","stapler-class":"hudson.plugins.openid.GoogleAppSsoSecurityRealm","domain":"mydomain.com"}
	at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON(RequestImpl.java:589)
	at org.kohsuke.stapler.RequestImpl.bindJSON(RequestImpl.java:400)
	at org.kohsuke.stapler.RequestImpl.bindJSON(RequestImpl.java:396)
	at hudson.model.Descriptor.newInstance(Descriptor.java:567)
	... 62 more
Caused by: java.lang.IllegalArgumentException: org.openid4java.discovery.DiscoveryException: 0x704: Failed to discover XRDS document from https://www.google.com/accounts/o8/site-xrds?hd=mydomain.com
	at org.kohsuke.stapler.RequestImpl.invokeConstructor(RequestImpl.java:462)
	at org.kohsuke.stapler.RequestImpl.instantiate(RequestImpl.java:690)
	at org.kohsuke.stapler.RequestImpl.access$100(RequestImpl.java:81)
	at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON(RequestImpl.java:587)
	... 65 more
Caused by: org.openid4java.discovery.DiscoveryException: 0x704: Failed to discover XRDS document from https://www.google.com/accounts/o8/site-xrds?hd=mydomain.com
	at hudson.plugins.openid.YadisResolver2.discover(YadisResolver2.java:23)
	at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:221)
	at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:179)
	at org.openid4java.discovery.Discovery.discover(Discovery.java:134)
	at org.openid4java.discovery.Discovery.discover(Discovery.java:114)
	at hudson.plugins.openid.OpenIdSsoSecurityRealm.getDiscoveredEndpoint(OpenIdSsoSecurityRealm.java:122)
	at hudson.plugins.openid.OpenIdSsoSecurityRealm.<init>(OpenIdSsoSecurityRealm.java:84)
	at hudson.plugins.openid.GoogleAppSsoSecurityRealm.<init>(GoogleAppSsoSecurityRealm.java:34)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
	at org.kohsuke.stapler.RequestImpl.invokeConstructor(RequestImpl.java:447)
	... 68 more
Caused by: org.openid4java.discovery.yadis.YadisException: 0x704: I/O transport error: 
	at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:432)
	at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:229)
	at hudson.plugins.openid.YadisResolver2.discover(YadisResolver2.java:21)
	... 80 more
Caused by: org.apache.commons.httpclient.ConnectTimeoutException: The host did not accept the connection within timeout of 3000 ms
	at org.apache.commons.httpclient.protocol.ReflectionSocketFactory.createSocket(ReflectionSocketFactory.java:155)
	at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:130)
	at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
	at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
	at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
	at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
	at org.openid4java.util.HttpCache.head(HttpCache.java:296)
	at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:360)
	... 82 more
Caused by: java.net.SocketTimeoutException: connect timed out
	at java.net.PlainSocketImpl.socketConnect(Native Method)
	at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
	at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
	at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
	at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:391)
	at java.net.Socket.connect(Socket.java:579)
	at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:618)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:601)
	at org.apache.commons.httpclient.protocol.ReflectionSocketFactory.createSocket(ReflectionSocketFactory.java:140)
	... 91 more

            kohsuke Kohsuke Kawaguchi
            justinharringa Justin Harringa
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: