All our API calls are now failing. Even a simple thing like this:

      <username>:<token>@jenkins.goonies3.com/api/json

      I keep getting:

      Error 401 Unexpected authentication type: org.acegisecurity.providers.UsernamePasswordAuthenticationToken@b69dc627: Username: <username>; Password: [PROTECTED]; Authenticated: false; Details: org.acegisecurity.ui.WebAuthenticationDetails@ffff8868: RemoteIpAddress: <ip address>; SessionId: null; Not granted any authorities

      How do I get my API calls working again? This is a huge issue, it's brining most of our automated processing to a halt.

          [JENKINS-22409] API Token no longer working for API calls

          Justin Zaun added a comment -

          I've downgraded back to jenkins 1.550 and the API Token starts working again. I hope I'm not stuck on v1.550 forever.

          Justin Zaun added a comment - I've downgraded back to jenkins 1.550 and the API Token starts working again. I hope I'm not stuck on v1.550 forever.

          Peter Downs added a comment -

          Experiencing the same issue on Jenkins version 1.558 and Github OAuth version 0.14 – it would be great to not have to downgrade. Any way I can help submit a fix?

          Peter Downs added a comment - Experiencing the same issue on Jenkins version 1.558 and Github OAuth version 0.14 – it would be great to not have to downgrade. Any way I can help submit a fix?

          Peter Downs added a comment - - edited

          The following version combinations all reproduce the error:

          • Jenkins v1.550 / Github OAuth v0.14
          • Jenkins v1.558 / Github OAuth v0.14
          • Jenkins v1.559 / Github OAuth v0.14

          @Justin, what combination worked for you – Jenkins v1.550 / Github OAuth v0.15-SNAPSHOT?

          Peter Downs added a comment - - edited The following version combinations all reproduce the error: • Jenkins v1.550 / Github OAuth v0.14 • Jenkins v1.558 / Github OAuth v0.14 • Jenkins v1.559 / Github OAuth v0.14 @Justin, what combination worked for you – Jenkins v1.550 / Github OAuth v0.15-SNAPSHOT?

          Fred Palmer added a comment -

          Same here, same versions.

          Fred Palmer added a comment - Same here, same versions.

          Daniel Beck added a comment -

          To clarify:

          1.550 with GH OAuth 0.15-SNAPSHOT works
          1.550 with GH OAuth 0.14 does not work
          1.558 with GH OAuth 0.15-SNAPSHOT does not work

          Correct?

          This could have been caused by the fix to JENKINS-20064 in 1.556. Anyone care to confirm by testing that 1.555 works with 0.15-SNAPSHOT, and 1.556 doesn't?

          Daniel Beck added a comment - To clarify: 1.550 with GH OAuth 0.15-SNAPSHOT works 1.550 with GH OAuth 0.14 does not work 1.558 with GH OAuth 0.15-SNAPSHOT does not work Correct? This could have been caused by the fix to JENKINS-20064 in 1.556. Anyone care to confirm by testing that 1.555 works with 0.15-SNAPSHOT, and 1.556 doesn't?

          Daniel Beck added a comment -

          Possibly related to this change in 1.556.

          Daniel Beck added a comment - Possibly related to this change in 1.556.

          Daniel Beck added a comment -

          Could someone please post the full stack trace, e.g. from jenkins.log?

          Daniel Beck added a comment - Could someone please post the full stack trace, e.g. from jenkins.log?

          I'm running Jenkins 1.565 w/ Active Directory plugin 1.37 and I try to authenticate jenkins-cli with an apiToken like this:

          java -jar jenkins-cli.jar -s http://jenkins.intranet:8080/jenkins build test_job --username dserodi --password MY_API_KEY
          

          I get this stracktrace:

          Aug 20, 2014 5:42:12 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl bind
          WARNING: Failed to authenticate while binding to adserver.intranet:3268
          javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
                  at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087)
                  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)
                  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835)
                  at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
                  at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2635)
                  at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2622)
                  at com.sun.jndi.ldap.LdapCtx.reconnect(LdapCtx.java:2618)
                  at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:454)
                  at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:370)
                  at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:248)
                  at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:193)
                  at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:137)
                  at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.authenticate(ActiveDirectorySecurityRealm.java:602)
                  at hudson.security.AbstractPasswordBasedSecurityRealm.doAuthenticate(AbstractPasswordBasedSecurityRealm.java:114)
                  at hudson.security.AbstractPasswordBasedSecurityRealm.access$100(AbstractPasswordBasedSecurityRealm.java:39)
                  at hudson.security.AbstractPasswordBasedSecurityRealm$1.authenticate(AbstractPasswordBasedSecurityRealm.java:81)
                  at hudson.cli.CLICommand.main(CLICommand.java:228)
                  at hudson.cli.CliManagerImpl.main(CliManagerImpl.java:92)
                  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
                  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                  at java.lang.reflect.Method.invoke(Method.java:606)
                  at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:300)
                  at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:281)
                  at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:240)
                  at hudson.remoting.UserRequest.perform(UserRequest.java:118)
                  at hudson.remoting.UserRequest.perform(UserRequest.java:48)
                  at hudson.remoting.Request$2.run(Request.java:328)
                  at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
                  at hudson.cli.CliManagerImpl$1.call(CliManagerImpl.java:63)
                  at hudson.remoting.InterceptingExecutorService$2.call(InterceptingExecutorService.java:95)
                  at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46)
                  at java.util.concurrent.FutureTask.run(FutureTask.java:262)
                  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
                  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
                  at java.lang.Thread.run(Thread.java:744)
          
          Aug 20, 2014 5:42:12 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider retrieveUser
          WARNING: Credential exception trying to authenticate against intranet domain
          org.acegisecurity.BadCredentialsException: Either no such user 'dserodi@intranet' or incorrect password; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
                  at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:385)
                  at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:248)
                  at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:193)
                  at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:137)
                  at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.authenticate(ActiveDirectorySecurityRealm.java:602)
                  at hudson.security.AbstractPasswordBasedSecurityRealm.doAuthenticate(AbstractPasswordBasedSecurityRealm.java:114)
                  at hudson.security.AbstractPasswordBasedSecurityRealm.access$100(AbstractPasswordBasedSecurityRealm.java:39)
                  at hudson.security.AbstractPasswordBasedSecurityRealm$1.authenticate(AbstractPasswordBasedSecurityRealm.java:81)
                  at hudson.cli.CLICommand.main(CLICommand.java:228)
                  at hudson.cli.CliManagerImpl.main(CliManagerImpl.java:92)
                  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
                  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                  at java.lang.reflect.Method.invoke(Method.java:606)
                  at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:300)
                  at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:281)
                  at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:240)
                  at hudson.remoting.UserRequest.perform(UserRequest.java:118)
                  at hudson.remoting.UserRequest.perform(UserRequest.java:48)
                  at hudson.remoting.Request$2.run(Request.java:328)
                  at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
                  at hudson.cli.CliManagerImpl$1.call(CliManagerImpl.java:63)
                  at hudson.remoting.InterceptingExecutorService$2.call(InterceptingExecutorService.java:95)
                  at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46)
                  at java.util.concurrent.FutureTask.run(FutureTask.java:262)
                  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
                  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
                  at java.lang.Thread.run(Thread.java:744)
          Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
                  at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087)
                  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)
                  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835)
                  at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
                  at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2635)
                  at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2622)
                  at com.sun.jndi.ldap.LdapCtx.reconnect(LdapCtx.java:2618)
                  at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:454)
                  at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:370)
                  ... 27 more
          

          Daniel Serodio added a comment - I'm running Jenkins 1.565 w/ Active Directory plugin 1.37 and I try to authenticate jenkins-cli with an apiToken like this: java -jar jenkins-cli.jar -s http: //jenkins.intranet:8080/jenkins build test_job --username dserodi --password MY_API_KEY I get this stracktrace: Aug 20, 2014 5:42:12 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl bind WARNING: Failed to authenticate while binding to adserver.intranet:3268 javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2635) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2622) at com.sun.jndi.ldap.LdapCtx.reconnect(LdapCtx.java:2618) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:454) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:370) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:248) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:193) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:137) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.authenticate(ActiveDirectorySecurityRealm.java:602) at hudson.security.AbstractPasswordBasedSecurityRealm.doAuthenticate(AbstractPasswordBasedSecurityRealm.java:114) at hudson.security.AbstractPasswordBasedSecurityRealm.access$100(AbstractPasswordBasedSecurityRealm.java:39) at hudson.security.AbstractPasswordBasedSecurityRealm$1.authenticate(AbstractPasswordBasedSecurityRealm.java:81) at hudson.cli.CLICommand.main(CLICommand.java:228) at hudson.cli.CliManagerImpl.main(CliManagerImpl.java:92) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:300) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:281) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:240) at hudson.remoting.UserRequest.perform(UserRequest.java:118) at hudson.remoting.UserRequest.perform(UserRequest.java:48) at hudson.remoting.Request$2.run(Request.java:328) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at hudson.cli.CliManagerImpl$1.call(CliManagerImpl.java:63) at hudson.remoting.InterceptingExecutorService$2.call(InterceptingExecutorService.java:95) at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang. Thread .run( Thread .java:744) Aug 20, 2014 5:42:12 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider retrieveUser WARNING: Credential exception trying to authenticate against intranet domain org.acegisecurity.BadCredentialsException: Either no such user 'dserodi@intranet' or incorrect password; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1] at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:385) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:248) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:193) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:137) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.authenticate(ActiveDirectorySecurityRealm.java:602) at hudson.security.AbstractPasswordBasedSecurityRealm.doAuthenticate(AbstractPasswordBasedSecurityRealm.java:114) at hudson.security.AbstractPasswordBasedSecurityRealm.access$100(AbstractPasswordBasedSecurityRealm.java:39) at hudson.security.AbstractPasswordBasedSecurityRealm$1.authenticate(AbstractPasswordBasedSecurityRealm.java:81) at hudson.cli.CLICommand.main(CLICommand.java:228) at hudson.cli.CliManagerImpl.main(CliManagerImpl.java:92) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:300) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:281) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:240) at hudson.remoting.UserRequest.perform(UserRequest.java:118) at hudson.remoting.UserRequest.perform(UserRequest.java:48) at hudson.remoting.Request$2.run(Request.java:328) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at hudson.cli.CliManagerImpl$1.call(CliManagerImpl.java:63) at hudson.remoting.InterceptingExecutorService$2.call(InterceptingExecutorService.java:95) at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang. Thread .run( Thread .java:744) Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2635) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2622) at com.sun.jndi.ldap.LdapCtx.reconnect(LdapCtx.java:2618) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:454) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:370) ... 27 more

          Daniel Beck added a comment -

          dserodio: Completely different issue. This is about Github OAuth. Please file a new issue.

          Daniel Beck added a comment - dserodio : Completely different issue. This is about Github OAuth. Please file a new issue.

          Daniel Beck added a comment -

          Resolving as incomplete as there have been no responses to comments asking for clarification and additional information in months.

          Daniel Beck added a comment - Resolving as incomplete as there have been no responses to comments asking for clarification and additional information in months.

            skottler Sam Kottler
            jzaun Justin Zaun
            Votes:
            5 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: