-
Bug
-
Resolution: Duplicate
-
Major
-
None
-
Platform: All, OS: All
-
Powered by SuggestiMate
I am using version 259 with matrix-based security enabled. I assigned a user
the following privileges:
Overall: Read
Job: Configure, Build, Workspace
Run: Update
View: Create, Configure
SCM: Tag
However, when the user attempted to update a build job, he received the
following error message:
Access Denied
org.acegisecurity.providers.UsernamePasswordAuthenticationToken@a2fb5983:
Username: hudson.security.HudsonPrivateSecurityRealm$Details@b1c468; Password:
[PROTECTED]; Authenticated: true; Details:
org.acegisecurity.ui.WebAuthenticationDetails@fffed504: RemoteIpAddress:
172.19.30.128; SessionId: FE3443EC28A4C60B2BD01D95828A72E2; Granted
Authorities: authenticated is missing Administer
Huds
It appears that in order to update jobs, a user needs to be able to Administer
all of Hudson, which is not correct.
Thanks!
[JENKINS-2703] Hudson security bug
I'm not sure whether all of this thread is related to the issue, but I am
posting it nonetheless. The very last thread mentions a security
authentication failure.
INFO: Obtained the latest update center data file
Dec 8, 2008 2:11:01 PM org.apache.commons.digester.Digester fatalError
SEVERE: Parse Fatal Error at line -1 column -1: Premature end of file.
org.xml.sax.SAXParseException: Premature end of file.
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseExcept
ion(ErrorHandlerWrapper.java:236)
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError
(ErrorHandlerWrapper.java:215)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError
(XMLErrorReporter.java:386)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError
(XMLErrorReporter.java:316)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion
(XMLVersionDetector.java:230)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse
(XML11Configuration.java:798)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse
(XML11Configuration.java:764)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse
(XMLParser.java:148)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse
(AbstractSAXParser.java:1242)
at org.apache.commons.digester.Digester.parse(Digester.java:1631)
at hudson.scm.CVSChangeLogSet.parse(CVSChangeLogSet.java:73)
at hudson.scm.CVSChangeLogParser.parse(CVSChangeLogParser.java:15)
at hudson.scm.CVSChangeLogParser.parse(CVSChangeLogParser.java:13)
at hudson.model.AbstractBuild.calcChangeSet(AbstractBuild.java:368)
at hudson.model.AbstractBuild.getChangeSet(AbstractBuild.java:350)
at hudson.model.View$People.<init>(View.java:207)
at hudson.model.View.getPeople(View.java:192)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.kohsuke.stapler.Function$InstanceFunction.invoke
(Function.java:146)
at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:140)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch
(NameBasedDispatcher.java:30)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:409)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:352)
at org.kohsuke.stapler.Stapler.service(Stapler.java:112)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.util.PluginServletFilter$1.doFilter
(PluginServletFilter.java:61)
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:52)
at hudson.security.UnwrapSecurityExceptionFilter.doFilter
(UnwrapSecurityExceptionFilter.java:28)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter
(ExceptionTranslationFilter.java:166)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter
(AnonymousProcessingFilter.java:125)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter
(RememberMeProcessingFilter.java:142)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter
(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter
(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter
(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter
(HttpSessionContextIntegrationFilter2.java:42)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at hudson.security.ChainedServletFilter.doFilter
(ChainedServletFilter.java:44)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:85)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke
(StandardWrapperValve.java:214)
at org.apache.catalina.core.StandardContextValve.invoke
(StandardContextValve.java:178)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke
(AuthenticatorBase.java:407)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service
(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:825)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnectio
n(Http11Protocol.java:738)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket
(PoolTcpEndpoint.java:526)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt
(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run
(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
hudson.util.IOException2: Failed to parse /u/operator/.hudson/jobs/billpay-
trunk-make/builds/2008-12-08_14-07-20/changelog.xml
at hudson.scm.CVSChangeLogSet.parse(CVSChangeLogSet.java:77)
at hudson.scm.CVSChangeLogParser.parse(CVSChangeLogParser.java:15)
at hudson.scm.CVSChangeLogParser.parse(CVSChangeLogParser.java:13)
at hudson.model.AbstractBuild.calcChangeSet(AbstractBuild.java:368)
at hudson.model.AbstractBuild.getChangeSet(AbstractBuild.java:350)
at hudson.model.View$People.<init>(View.java:207)
at hudson.model.View.getPeople(View.java:192)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.kohsuke.stapler.Function$InstanceFunction.invoke
(Function.java:146)
at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:140)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch
(NameBasedDispatcher.java:30)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:409)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:352)
at org.kohsuke.stapler.Stapler.service(Stapler.java:112)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.util.PluginServletFilter$1.doFilter
(PluginServletFilter.java:61)
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:52)
at hudson.security.UnwrapSecurityExceptionFilter.doFilter
(UnwrapSecurityExceptionFilter.java:28)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter
(ExceptionTranslationFilter.java:166)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter
(AnonymousProcessingFilter.java:125)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter
(RememberMeProcessingFilter.java:142)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter
(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter
(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter
(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter
(HttpSessionContextIntegrationFilter2.java:42)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at hudson.security.ChainedServletFilter.doFilter
(ChainedServletFilter.java:44)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:85)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke
(StandardWrapperValve.java:214)
at org.apache.catalina.core.StandardContextValve.invoke
(StandardContextValve.java:178)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke
(AuthenticatorBase.java:407)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service
(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:825)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnectio
n(Http11Protocol.java:738)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket
(PoolTcpEndpoint.java:526)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt
(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run
(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Caused by: org.xml.sax.SAXParseException: Premature end of file.
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse
(AbstractSAXParser.java:1269)
at org.apache.commons.digester.Digester.parse(Digester.java:1631)
at hudson.scm.CVSChangeLogSet.parse(CVSChangeLogSet.java:73)
... 56 more
Dec 8, 2008 2:13:18 PM org.apache.catalina.core.ApplicationContext log
SEVERE: Error while serving http://<server
name>:8080/hudson/securityRealm/createAccount
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.kohsuke.stapler.Function$InstanceFunction.invoke
(Function.java:146)
at org.kohsuke.stapler.Function.bindAndinvoke(Function.java:71)
at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:75)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch
(NameBasedDispatcher.java:30)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:409)
at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:140)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch
(NameBasedDispatcher.java:30)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:409)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:352)
at org.kohsuke.stapler.Stapler.service(Stapler.java:112)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.util.PluginServletFilter$1.doFilter
(PluginServletFilter.java:61)
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:52)
at hudson.security.UnwrapSecurityExceptionFilter.doFilter
(UnwrapSecurityExceptionFilter.java:28)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter
(ExceptionTranslationFilter.java:166)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter
(AnonymousProcessingFilter.java:125)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter
(RememberMeProcessingFilter.java:142)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter
(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter
(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter
(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter
(HttpSessionContextIntegrationFilter2.java:42)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at hudson.security.ChainedServletFilter.doFilter
(ChainedServletFilter.java:44)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:85)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke
(StandardWrapperValve.java:214)
at org.apache.catalina.core.StandardContextValve.invoke
(StandardContextValve.java:178)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke
(AuthenticatorBase.java:407)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service
(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:825)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnectio
n(Http11Protocol.java:738)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket
(PoolTcpEndpoint.java:526)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt
(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run
(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.NullPointerException
at hudson.security.HudsonPrivateSecurityRealm.createAccount
(HudsonPrivateSecurityRealm.java:131)
at hudson.security.HudsonPrivateSecurityRealm.doCreateAccount
(HudsonPrivateSecurityRealm.java:86)
... 54 more
Dec 8, 2008 2:13:18 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet Stapler threw exception
java.lang.NullPointerException
at hudson.security.HudsonPrivateSecurityRealm.createAccount
(HudsonPrivateSecurityRealm.java:131)
at hudson.security.HudsonPrivateSecurityRealm.doCreateAccount
(HudsonPrivateSecurityRealm.java:86)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.kohsuke.stapler.Function$InstanceFunction.invoke
(Function.java:146)
at org.kohsuke.stapler.Function.bindAndinvoke(Function.java:71)
at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:75)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch
(NameBasedDispatcher.java:30)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:409)
at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:140)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch
(NameBasedDispatcher.java:30)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:409)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:352)
at org.kohsuke.stapler.Stapler.service(Stapler.java:112)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.util.PluginServletFilter$1.doFilter
(PluginServletFilter.java:61)
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:52)
at hudson.security.UnwrapSecurityExceptionFilter.doFilter
(UnwrapSecurityExceptionFilter.java:28)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter
(ExceptionTranslationFilter.java:166)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter
(AnonymousProcessingFilter.java:125)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter
(RememberMeProcessingFilter.java:142)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter
(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter
(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter
(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter
(HttpSessionContextIntegrationFilter2.java:42)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at hudson.security.ChainedServletFilter.doFilter
(ChainedServletFilter.java:44)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:85)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke
(StandardWrapperValve.java:214)
at org.apache.catalina.core.StandardContextValve.invoke
(StandardContextValve.java:178)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke
(AuthenticatorBase.java:407)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service
(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:825)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnectio
n(Http11Protocol.java:738)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket
(PoolTcpEndpoint.java:526)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt
(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run
(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Dec 8, 2008 2:13:25 PM hudson.security.AuthenticationProcessingFilter2
onUnsuccessfulAuthentication
INFO: Login attempt failed
org.acegisecurity.BadCredentialsException: Bad credentials
at
org.acegisecurity.providers.dao.DaoAuthenticationProvider.additionalAuthenticati
onChecks(DaoAuthenticationProvider.java:75)
at
org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authen
ticate(AbstractUserDetailsAuthenticationProvider.java:150)
at org.acegisecurity.providers.ProviderManager.doAuthentication
(ProviderManager.java:195)
at org.acegisecurity.AbstractAuthenticationManager.authenticate
(AbstractAuthenticationManager.java:45)
at hudson.security.AuthenticationManagerProxy.authenticate
(AuthenticationManagerProxy.java:27)
at
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication
(AuthenticationProcessingFilter.java:71)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter
(AbstractProcessingFilter.java:252)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter
(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter
(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter
(HttpSessionContextIntegrationFilter2.java:42)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at hudson.security.ChainedServletFilter.doFilter
(ChainedServletFilter.java:44)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:85)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke
(StandardWrapperValve.java:214)
at org.apache.catalina.core.StandardContextValve.invoke
(StandardContextValve.java:178)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke
(AuthenticatorBase.java:407)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service
(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:825)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnectio
n(Http11Protocol.java:738)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket
(PoolTcpEndpoint.java:526)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt
(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run
(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Dec 8, 2008 2:17:48 PM
org.springframework.context.support.AbstractApplicationContext prepareRefresh
INFO: Refreshing
org.springframework.web.context.support.StaticWebApplicationContext@1db7adc:
display name [Root WebApplicationContext]; startup date [Mon De
c 08 14:17:48 EST 2008]; root of context hierarchy
Dec 8, 2008 2:17:48 PM
org.springframework.context.support.AbstractApplicationContext
obtainFreshBeanFactory
INFO: Bean factory for application context
[org.springframework.web.context.support.StaticWebApplicationContext@1db7adc]:
org.springframework.beans.factory.s
upport.DefaultListableBeanFactory@128e644
Dec 8, 2008 2:17:48 PM
org.springframework.beans.factory.support.DefaultListableBeanFactory
preInstantiateSingletons
INFO: Pre-instantiating singletons in
org.springframework.beans.factory.support.DefaultListableBeanFactory@128e644:
defining beans [userDetailsService,authen
ticationManager]; root of factory hierarchy
Dec 8, 2008 2:19:03 PM org.apache.catalina.core.ApplicationContext log
SEVERE: Error while serving http://<server
name>:8080/hudson/repositoryBrowser/FishEyeCVS/check
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.kohsuke.stapler.Function$InstanceFunction.invoke
(Function.java:146)
at org.kohsuke.stapler.Function.bindAndinvoke(Function.java:71)
at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:75)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch
(NameBasedDispatcher.java:30)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:409)
at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:173)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch
(NameBasedDispatcher.java:30)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:409)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:352)
at org.kohsuke.stapler.Stapler.service(Stapler.java:112)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.util.PluginServletFilter$1.doFilter
(PluginServletFilter.java:61)
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:52)
at hudson.security.UnwrapSecurityExceptionFilter.doFilter
(UnwrapSecurityExceptionFilter.java:28)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter
(ExceptionTranslationFilter.java:166)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter
(AnonymousProcessingFilter.java:125)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter
(RememberMeProcessingFilter.java:142)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter
(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter
(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter
(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter
(HttpSessionContextIntegrationFilter2.java:42)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at hudson.security.ChainedServletFilter.doFilter
(ChainedServletFilter.java:44)
Dec 8, 2008 2:17:48 PM
org.springframework.context.support.AbstractApplicationContext prepareRefresh
INFO: Refreshing
org.springframework.web.context.support.StaticWebApplicationContext@1db7adc:
display name [Root WebApplicationContext]; startup date [Mon De
c 08 14:17:48 EST 2008]; root of context hierarchy
Dec 8, 2008 2:17:48 PM
org.springframework.context.support.AbstractApplicationContext
obtainFreshBeanFactory
INFO: Bean factory for application context
[org.springframework.web.context.support.StaticWebApplicationContext@1db7adc]:
org.springframework.beans.factory.s
upport.DefaultListableBeanFactory@128e644
Dec 8, 2008 2:17:48 PM
org.springframework.beans.factory.support.DefaultListableBeanFactory
preInstantiateSingletons
INFO: Pre-instantiating singletons in
org.springframework.beans.factory.support.DefaultListableBeanFactory@128e644:
defining beans [userDetailsService,authen
ticationManager]; root of factory hierarchy
Dec 8, 2008 2:19:03 PM org.apache.catalina.core.ApplicationContext log
SEVERE: Error while serving http://<server
name>:8080/hudson/repositoryBrowser/FishEyeCVS/check
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.kohsuke.stapler.Function$InstanceFunction.invoke
(Function.java:146)
at org.kohsuke.stapler.Function.bindAndinvoke(Function.java:71)
at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:75)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch
(NameBasedDispatcher.java:30)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:409)
at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:173)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch
(NameBasedDispatcher.java:30)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:409)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:352)
at org.kohsuke.stapler.Stapler.service(Stapler.java:112)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.util.PluginServletFilter$1.doFilter
(PluginServletFilter.java:61)
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:52)
at hudson.security.UnwrapSecurityExceptionFilter.doFilter
(UnwrapSecurityExceptionFilter.java:28)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter
(ExceptionTranslationFilter.java:166)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter
(AnonymousProcessingFilter.java:125)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter
(RememberMeProcessingFilter.java:142)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter
(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter
(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter
(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter
(HttpSessionContextIntegrationFilter2.java:42)
at hudson.security.ChainedServletFilter$1.doFilter
(ChainedServletFilter.java:55)
at hudson.security.ChainedServletFilter.doFilter
(ChainedServletFilter.java:44)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:85)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke
(StandardWrapperValve.java:214)
at org.apache.catalina.core.StandardContextValve.invoke
(StandardContextValve.java:178)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke
(AuthenticatorBase.java:407)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service
(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:825)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnectio
n(Http11Protocol.java:738)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket
(PoolTcpEndpoint.java:526)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt
(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run
(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Caused by: org.acegisecurity.AccessDeniedException:
org.acegisecurity.providers.UsernamePasswordAuthenticationToken@5d058c87:
Username: hudson.security.Hudso
nPrivateSecurityRealm$Details@b1c468; Password: [PROTECTED]; Authenticated:
true; Details: org.acegisecurity.ui.WebAuthenticationDetails@0: RemoteIpAddress:
172.19.30.128; SessionId: D6AC08C243B05DCE10E8D2317CDBC9A1; Granted
Authorities: authenticated is missing Administer
at hudson.security.ACL.checkPermission(ACL.java:30)
at hudson.model.View.checkPermission(View.java:99)
at hudson.util.FormFieldValidator.process(FormFieldValidator.java:75)
at hudson.scm.browsers.FishEyeCVS$DescriptorImpl.doCheck
(FishEyeCVS.java:73)
... 54 more
(and this continues for a long time...let me know whether or not you want the
rest of these traces) Might end up having to send them to you in a text file.
The exception shown in your stack trace has been fixed (issue #2715), so closing
this issue.. reopen if you still see a problem in 1.268 or newer.
-
-
- This issue has been marked as a duplicate of 2715 ***
-
I'd like to keep P1 security bug for critical security holes, so
Do you get a stack trace with this message? It might be on the server console.
I'd like to see which check is failing.