[JENKINS-33999] add org.spring.core.NestedRuntimeException to the whitelist - Jenkins Jira

XML

Word

Printable

Details

Type: Bug
Status: Resolved (View Workflow)
Priority: Minor
Resolution: Fixed
Component/s: remoting
Labels:
- 1.651.2-fixed

Similar Issues:

Show

Description

it is required for some exceptions to be propagated over the remoting chanel, however some 3rd party (acegi) exceptions are subclasses of org.springframework.core.NestedRuntimeException which is blocked by the remote classloading. This exception is safe so should be allowed.

Attachments

Issue Links

links to

CloudBees Internal CJP-4468

core PR#2243

PR 79

Activity

Ascending order - Click to sort in descending order

James Nord created issue - 2016-04-04 13:13

James Nord made changes - 2016-04-04 13:14

Field	Original Value	New Value
Status	Open [ 1 ]	In Progress [ 3 ]

Jesse Glick made changes - 2016-04-04 15:47

Remote Link

This issue links to "PR 79 (Web Link)" [ 14160 ]

Jesse Glick added a comment - 2016-04-04 15:53

Specifically AcegiSecurityException and thus its subtypes like UsernameNotFoundException used by Jenkins extend NestedRuntimeException.

Jesse Glick added a comment - 2016-04-04 15:53 Specifically AcegiSecurityException and thus its subtypes like UsernameNotFoundException used by Jenkins extend NestedRuntimeException .

Jesse Glick added a comment - 2016-04-04 15:55

Also DataAccessException.

Jesse Glick added a comment - 2016-04-04 15:55 Also DataAccessException .

James Nord added a comment - 2016-04-04 16:31 - edited

jglick should we just exclude any

[^.]*Exception${noformat} from the spring blacklist entry so all spring exceptions are allowed?

I haven;t checked all Springs exceptions but it would seem mostly hamrless. (DataAccessException would be blocked as it is inside org.springframework)

James Nord added a comment - 2016-04-04 16:31 - edited jglick should we just exclude any [^.] *Exception${noformat} from the spring blacklist entry so all spring exceptions are allowed? I haven;t checked all Springs exceptions but it would seem mostly hamrless. (DataAccessException would be blocked as it is inside org.springframework)

SCM/JIRA link daemon added a comment - 2016-04-05 11:55

Code changed in jenkins
User: James Nord
Path:
src/main/java/hudson/remoting/ClassFilter.java
src/test/java/hudson/remoting/DefaultClassFilterTest.java
http://jenkins-ci.org/commit/remoting/d72ffb337a75913291807b3a06b9f7f02e5eac58
Log:
~~JENKINS-33999~~ Do no blacklist springs NestedRuntimeException

NestedRuntimeException needs to be propagated across remoting for things
like remote authentication schemes.

SCM/JIRA link daemon added a comment - 2016-04-05 11:55 Code changed in jenkins User: James Nord Path: src/main/java/hudson/remoting/ClassFilter.java src/test/java/hudson/remoting/DefaultClassFilterTest.java http://jenkins-ci.org/commit/remoting/d72ffb337a75913291807b3a06b9f7f02e5eac58 Log: JENKINS-33999 Do no blacklist springs NestedRuntimeException NestedRuntimeException needs to be propagated across remoting for things like remote authentication schemes.

SCM/JIRA link daemon added a comment - 2016-04-05 11:55

Code changed in jenkins
User: Oleg Nenashev
Path:
src/main/java/hudson/remoting/ClassFilter.java
src/test/java/hudson/remoting/DefaultClassFilterTest.java
http://jenkins-ci.org/commit/remoting/a86a27db2c3053eadbb78f72917181edd2003984
Log:
Merge pull request #79 from jtnord/~~JENKINS-33999~~

~~JENKINS-33999~~ Do not blacklist Spring’s Exceptions

Compare: https://github.com/jenkinsci/remoting/compare/7cb41387b021...a86a27db2c30

SCM/JIRA link daemon added a comment - 2016-04-05 11:55 Code changed in jenkins User: Oleg Nenashev Path: src/main/java/hudson/remoting/ClassFilter.java src/test/java/hudson/remoting/DefaultClassFilterTest.java http://jenkins-ci.org/commit/remoting/a86a27db2c3053eadbb78f72917181edd2003984 Log: Merge pull request #79 from jtnord/ JENKINS-33999 JENKINS-33999 Do not blacklist Spring’s Exceptions Compare: https://github.com/jenkinsci/remoting/compare/7cb41387b021...a86a27db2c30

James Nord made changes - 2016-04-08 10:40

Remote Link

This issue links to "core PR#2243 (Web Link)" [ 14176 ]

SCM/JIRA link daemon added a comment - 2016-04-09 14:26

Code changed in jenkins
User: James Nord
Path:
pom.xml
http://jenkins-ci.org/commit/jenkins/08fe459d1219fc8f0a4cc3a7f76c42d2072b673b
Log:
[FIXED JENKINS-33999] Update remoting to 2.57

This picks up the new remoting with the upstream fix for Jenkins-33999
which allows spring Exceptions past the class blacklist

SCM/JIRA link daemon added a comment - 2016-04-09 14:26 Code changed in jenkins User: James Nord Path: pom.xml http://jenkins-ci.org/commit/jenkins/08fe459d1219fc8f0a4cc3a7f76c42d2072b673b Log: [FIXED JENKINS-33999] Update remoting to 2.57 This picks up the new remoting with the upstream fix for Jenkins-33999 which allows spring Exceptions past the class blacklist

SCM/JIRA link daemon made changes - 2016-04-09 14:26

Resolution		Fixed [ 1 ]
Status	In Progress [ 3 ]	Resolved [ 5 ]

SCM/JIRA link daemon added a comment - 2016-04-09 14:26

Code changed in jenkins
User: Daniel Beck
Path:
pom.xml
http://jenkins-ci.org/commit/jenkins/90d051b7f2dfb5890fb70985f30abcbf5f587be6
Log:
Merge pull request #2243 from jtnord/jenkins-33999

[FIXED JENKINS-33999] Update remoting to 2.57

Compare: https://github.com/jenkinsci/jenkins/compare/d8af38b7e336...90d051b7f2df

SCM/JIRA link daemon added a comment - 2016-04-09 14:26 Code changed in jenkins User: Daniel Beck Path: pom.xml http://jenkins-ci.org/commit/jenkins/90d051b7f2dfb5890fb70985f30abcbf5f587be6 Log: Merge pull request #2243 from jtnord/jenkins-33999 [FIXED JENKINS-33999] Update remoting to 2.57 Compare: https://github.com/jenkinsci/jenkins/compare/d8af38b7e336...90d051b7f2df

James Nord made changes - 2016-04-11 10:43

Labels

lts-candidate

Oliver Gondža made changes - 2016-04-25 14:55

Labels

lts-candidate

1.651.2-fixed

SCM/JIRA link daemon added a comment - 2016-04-27 13:17

Code changed in jenkins
User: James Nord
Path:
pom.xml
http://jenkins-ci.org/commit/jenkins/f391f8be2bd09171b0e9f2e0948e68140e710389
Log:
[FIXED JENKINS-33999] Update remoting to 2.57

This picks up the new remoting with the upstream fix for Jenkins-33999
which allows spring Exceptions past the class blacklist

(cherry picked from commit 08fe459d1219fc8f0a4cc3a7f76c42d2072b673b)

SCM/JIRA link daemon added a comment - 2016-04-27 13:17 Code changed in jenkins User: James Nord Path: pom.xml http://jenkins-ci.org/commit/jenkins/f391f8be2bd09171b0e9f2e0948e68140e710389 Log: [FIXED JENKINS-33999] Update remoting to 2.57 This picks up the new remoting with the upstream fix for Jenkins-33999 which allows spring Exceptions past the class blacklist (cherry picked from commit 08fe459d1219fc8f0a4cc3a7f76c42d2072b673b)

R. Tyler Croy made changes - 2016-07-25 23:57

Workflow

JNJira [ 170015 ]

JNJira + In-Review [ 198763 ]

CloudBees Inc. made changes - 2017-12-06 18:56

Remote Link

This issue links to "CloudBees Internal CJP-4468 (Web Link)" [ 19297 ]

James Nord made changes - 2020-12-10 13:45

Assignee

James Nord [ teilo ]

People

Assignee:: Unassigned

Reporter:: James Nord

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2016-04-04 13:13

Updated:: 2020-12-10 13:45

Resolved:: 2016-04-09 14:26