Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-33999

add org.spring.core.NestedRuntimeException to the whitelist

      it is required for some exceptions to be propagated over the remoting chanel, however some 3rd party (acegi) exceptions are subclasses of org.springframework.core.NestedRuntimeException which is blocked by the remote classloading. This exception is safe so should be allowed.

          [JENKINS-33999] add org.spring.core.NestedRuntimeException to the whitelist

          James Nord created issue -
          James Nord made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Jesse Glick made changes -
          Remote Link New: This issue links to "PR 79 (Web Link)" [ 14160 ]

          Jesse Glick added a comment -

          Specifically AcegiSecurityException and thus its subtypes like UsernameNotFoundException used by Jenkins extend NestedRuntimeException.

          Jesse Glick added a comment - Specifically AcegiSecurityException and thus its subtypes like UsernameNotFoundException used by Jenkins extend NestedRuntimeException .

          Jesse Glick added a comment -

          Also DataAccessException.

          Jesse Glick added a comment - Also DataAccessException .

          James Nord added a comment - - edited

          jglick should we just exclude any

          
          

          [^.]*Exception${noformat} from the spring blacklist entry so all spring exceptions are allowed?

          I haven;t checked all Springs exceptions but it would seem mostly hamrless. (DataAccessException would be blocked as it is inside org.springframework)

          James Nord added a comment - - edited jglick should we just exclude any [^.] *Exception${noformat} from the spring blacklist entry so all spring exceptions are allowed? I haven;t checked all Springs exceptions but it would seem mostly hamrless. (DataAccessException would be blocked as it is inside org.springframework)

          Code changed in jenkins
          User: James Nord
          Path:
          src/main/java/hudson/remoting/ClassFilter.java
          src/test/java/hudson/remoting/DefaultClassFilterTest.java
          http://jenkins-ci.org/commit/remoting/d72ffb337a75913291807b3a06b9f7f02e5eac58
          Log:
          JENKINS-33999 Do no blacklist springs NestedRuntimeException

          NestedRuntimeException needs to be propagated across remoting for things
          like remote authentication schemes.

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: James Nord Path: src/main/java/hudson/remoting/ClassFilter.java src/test/java/hudson/remoting/DefaultClassFilterTest.java http://jenkins-ci.org/commit/remoting/d72ffb337a75913291807b3a06b9f7f02e5eac58 Log: JENKINS-33999 Do no blacklist springs NestedRuntimeException NestedRuntimeException needs to be propagated across remoting for things like remote authentication schemes.

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          src/main/java/hudson/remoting/ClassFilter.java
          src/test/java/hudson/remoting/DefaultClassFilterTest.java
          http://jenkins-ci.org/commit/remoting/a86a27db2c3053eadbb78f72917181edd2003984
          Log:
          Merge pull request #79 from jtnord/JENKINS-33999

          JENKINS-33999 Do not blacklist Spring’s Exceptions

          Compare: https://github.com/jenkinsci/remoting/compare/7cb41387b021...a86a27db2c30

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: src/main/java/hudson/remoting/ClassFilter.java src/test/java/hudson/remoting/DefaultClassFilterTest.java http://jenkins-ci.org/commit/remoting/a86a27db2c3053eadbb78f72917181edd2003984 Log: Merge pull request #79 from jtnord/ JENKINS-33999 JENKINS-33999 Do not blacklist Spring’s Exceptions Compare: https://github.com/jenkinsci/remoting/compare/7cb41387b021...a86a27db2c30
          James Nord made changes -
          Remote Link New: This issue links to "core PR#2243 (Web Link)" [ 14176 ]

          Code changed in jenkins
          User: James Nord
          Path:
          pom.xml
          http://jenkins-ci.org/commit/jenkins/08fe459d1219fc8f0a4cc3a7f76c42d2072b673b
          Log:
          [FIXED JENKINS-33999] Update remoting to 2.57

          This picks up the new remoting with the upstream fix for Jenkins-33999
          which allows spring Exceptions past the class blacklist

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: James Nord Path: pom.xml http://jenkins-ci.org/commit/jenkins/08fe459d1219fc8f0a4cc3a7f76c42d2072b673b Log: [FIXED JENKINS-33999] Update remoting to 2.57 This picks up the new remoting with the upstream fix for Jenkins-33999 which allows spring Exceptions past the class blacklist
          SCM/JIRA link daemon made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: In Progress [ 3 ] New: Resolved [ 5 ]

            Unassigned Unassigned
            teilo James Nord
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: