Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-25019

updateSecureSessionFlag fails to set secure cookie flag

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • core
    • Amazon Linux
      Tomcat 7.0.55
      Jenkins 1.565.3

      The following stacktrace is logged when Jenkins is started on Tomcat 7.

      Oct 07, 2014 12:18:17 PM INFO jenkins.InitReactorRunner$1 onAttained
Started initialization
Oct 07, 2014 12:18:17 PM INFO jenkins.InitReactorRunner$1 onAttained
Listed all plugins
Oct 07, 2014 12:18:17 PM INFO jenkins.InitReactorRunner$1 onAttained
Prepared all plugins
Oct 07, 2014 12:18:21 PM WARNING jenkins.model.JenkinsLocationConfiguration updateSecureSessionFlag
Failed to set secure cookie flag
java.lang.reflect.InvocationTargetException
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at jenkins.model.JenkinsLocationConfiguration.updateSecureSessionFlag(JenkinsLocationConfiguration.java:123)
	at jenkins.model.JenkinsLocationConfiguration.load(JenkinsLocationConfiguration.java:71)
	at jenkins.model.JenkinsLocationConfiguration.<init>(JenkinsLocationConfiguration.java:46)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
	at com.google.inject.internal.DefaultConstructionProxyFactory$1.newInstance(DefaultConstructionProxyFactory.java:86)
	at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:108)
	at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:88)
	at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:269)
	at com.google.inject.internal.ProviderToInternalFactoryAdapter$1.call(ProviderToInternalFactoryAdapter.java:46)
	at com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:1058)
	at com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40)
	at com.google.inject.Scopes$1$1.get(Scopes.java:65)
	at hudson.ExtensionFinder$GuiceFinder$FaultTolerantScope$1.get(ExtensionFinder.java:429)
	at com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:41)
	at com.google.inject.internal.InjectorImpl$3$1.call(InjectorImpl.java:1005)
	at com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:1051)
	at com.google.inject.internal.InjectorImpl$3.get(InjectorImpl.java:1001)
	at hudson.ExtensionFinder$GuiceFinder._find(ExtensionFinder.java:391)
	at hudson.ExtensionFinder$GuiceFinder.find(ExtensionFinder.java:382)
	at hudson.ExtensionFinder._find(ExtensionFinder.java:151)
	at hudson.ClassicPluginStrategy.findComponents(ClassicPluginStrategy.java:341)
	at hudson.ExtensionList.load(ExtensionList.java:295)
	at hudson.ExtensionList.ensureLoaded(ExtensionList.java:248)
	at hudson.ExtensionList.iterator(ExtensionList.java:138)
	at jenkins.model.Jenkins.getDescriptorByType(Jenkins.java:1193)
	at hudson.plugins.copyartifact.BuildSelectorParameter.initAliases(BuildSelectorParameter.java:99)
	at hudson.plugins.copyartifact.CopyArtifactPlugin.postInitialize(CopyArtifactPlugin.java:35)
	at hudson.PluginManager$2$1$2.run(PluginManager.java:376)
	at org.jvnet.hudson.reactor.TaskGraphBuilder$TaskImpl.run(TaskGraphBuilder.java:169)
	at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:282)
	at jenkins.model.Jenkins$7.runTask(Jenkins.java:905)
	at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:210)
	at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalStateException: Property HttpOnly can not be added to SessionCookieConfig for context /jenkins as the context has been initialised
	at org.apache.catalina.core.ApplicationSessionCookieConfig.setHttpOnly(ApplicationSessionCookieConfig.java:107)
	... 43 more

Oct 07, 2014 12:18:22 PM INFO jenkins.InitReactorRunner$1 onAttained
Started all plugins

      I assume this will also happen with other versions of Tomcat >= 7.0.41 (See https://issues.apache.org/bugzilla/show_bug.cgi?id=54974).

      Should Jenkins check the state of the context before attempting to set the HttpOnly property?

            Unassigned Unassigned
            tomxland Tom Crossland
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: