• Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Trivial Trivial
    • ldap-plugin
    • None
    • Platform: All, OS: All

      Would it be possible to add the following feature: have users in both LDAP and
      the the local Hudson database?

      We currently have most of our users in LDAP, but a few are not in AD (student
      employees, people in other OUs). For these users, we would like to add them as
      local Hudson users, while maintaining the LDAP users. Basically, we want to mix
      the two: LDAP and local Hudson users. Thanks in advance.

      Also, the subcomponent for this issue is not correct; but it wouldn't let me
      submit this without choosing one. Sorry!

          [JENKINS-3404] mix LDAP and local Hudson users

          Deepak added a comment -

          12 years and no progress on this. Not sure if there gonna be any useful feature like this in jenkins. 

          Deepak added a comment - 12 years and no progress on this. Not sure if there gonna be any useful feature like this in jenkins. 

          deepakn fortunately now you're here to implement it. Thanks!

          Baptiste Mathus added a comment - deepakn  fortunately now you're here to implement it. Thanks!

          Deepak added a comment -

          batmat Not sure if you are being sarcastic or funny. Either ways I won't be able to implement it. My comment was not intented to hurt any one. If you got offended somehow then I'm sorry.

          Deepak added a comment - batmat  Not sure if you are being sarcastic or funny. Either ways I won't be able to implement it. My comment was not intented to hurt any one. If you got offended somehow then I'm sorry.

          mixing-security-realm-plugin is now hosted at https://github.com/jenkinsci/mixing-security-realm-plugin but does not seem to have any releases available from the update center yet.

          Kalle Niemitalo added a comment - mixing-security-realm-plugin is now hosted at https://github.com/jenkinsci/mixing-security-realm-plugin but does not seem to have any releases available from the update center yet.

          WENJUN XIAO added a comment -

          mix-security-realm-plugin has been published to update center, Sorry for not posting to the update center in time due to configuration and permission issues.

          WENJUN XIAO added a comment - mix-security-realm-plugin has been published to update center, Sorry for not posting to the update center in time due to configuration and permission issues.

          hz hz added a comment - - edited

          Hi I'd like to ask if you guys have such issue. I need to config mixing security realm to support Jenkins own users database and ldap. if I setup ldap only it verified successfully. but if I config ldap inside mix plugin I got following exception. 

          I am using java-11-openjdk-11.0.12.0.7-0.el7_9.x86_64 and Jenkins 2.316

           

          "java.lang.IllegalArgumentException":Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm"java.lang.IllegalArgumentException":Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON("RequestImpl.java":"683)Caused":"java.lang.IllegalArgumentException":"Failed to instantiate class hudson.security.LDAPSecurityRealm from"{   "value":"3",
             "stapler-class":"hudson.security.MixingSecurityRealm",
             "$class":"hudson.security.MixingSecurityRealm",
             "allowsSignup":false,
             "priority":true,
             "optional":[     

          {         "$enabled":false,          "$id":"hudson.security.SecurityRealm$None"      }

          ,
               

          {         "$enabled":false,          "$id":"hudson.security.PAMSecurityRealm",          "serviceName":""      }

          ,
                {         "$enabled":true,
                   "$id":"hudson.security.LDAPSecurityRealm",
                   "configurations":

          {            "server":"ldap://www.example.com",             "rootDN":"dc=example,dc=com",             "inhibitInferRootDN":false,             "userSearchBase":"OU=User Accounts",             "userSearch":"userPrincipalName=

          {0}

          ",
                      "groupSearchBase":"OU=Groups",
                      "groupSearchFilter":"(objectClass=group)",
                      "groupMembershipStrategy":

          {               "value":"0",                "attributeName":"memberOf",                "stapler-class":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy",                "$class":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy"            }

          ,
                      "managerDN":"CN=onprembuild,OU=Service Accounts,OU=User Accounts,DC=example,DC=com",
                      "managerPasswordSecret":"[value redacted]",
                      "$redact":"managerPasswordSecret",
                      "displayNameAttributeName":"displayname",
                      "mailAddressAttributeName":"mail",
                      "ignoreIfUnavailable":false         },
                   "":[            "0",
                      "0"         ],
                   "userIdStrategy":

          {            "stapler-class":"jenkins.model.IdStrategy$CaseInsensitive",             "$class":"jenkins.model.IdStrategy$CaseInsensitive"         }

          ,
                   "groupIdStrategy":

          {            "stapler-class":"jenkins.model.IdStrategy$CaseInsensitive",             "$class":"jenkins.model.IdStrategy$CaseInsensitive"         }

          ,
                   "disableMailAddressResolver":false,
                   "disableRolePrefixing":true      },
               

          {         "$enabled":false,          "$id":"hudson.security.LegacySecurityRealm"      }

             ]}

          hz hz added a comment - - edited Hi I'd like to ask if you guys have such issue. I need to config mixing security realm to support Jenkins own users database and ldap. if I setup ldap only it verified successfully. but if I config ldap inside mix plugin I got following exception.  I am using java-11-openjdk-11.0.12.0.7-0.el7_9.x86_64 and Jenkins 2.316   "java.lang.IllegalArgumentException":Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm"java.lang.IllegalArgumentException":Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON("RequestImpl.java":"683)Caused":"java.lang.IllegalArgumentException":"Failed to instantiate class hudson.security.LDAPSecurityRealm from"{   "value":"3",    "stapler-class":"hudson.security.MixingSecurityRealm",    "$class":"hudson.security.MixingSecurityRealm",    "allowsSignup":false,    "priority":true,    "optional":[      {         "$enabled":false,          "$id":"hudson.security.SecurityRealm$None"      } ,       {         "$enabled":false,          "$id":"hudson.security.PAMSecurityRealm",          "serviceName":""      } ,       {         "$enabled":true,          "$id":"hudson.security.LDAPSecurityRealm",          "configurations": {            "server":"ldap://www.example.com",             "rootDN":"dc=example,dc=com",             "inhibitInferRootDN":false,             "userSearchBase":"OU=User Accounts",             "userSearch":"userPrincipalName= {0} ",             "groupSearchBase":"OU=Groups",             "groupSearchFilter":"(objectClass=group)",             "groupMembershipStrategy": {               "value":"0",                "attributeName":"memberOf",                "stapler-class":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy",                "$class":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy"            } ,             "managerDN":"CN=onprembuild,OU=Service Accounts,OU=User Accounts,DC=example,DC=com",             "managerPasswordSecret":" [value redacted] ",             "$redact":"managerPasswordSecret",             "displayNameAttributeName":"displayname",             "mailAddressAttributeName":"mail",             "ignoreIfUnavailable":false         },          "":[            "0",             "0"         ],          "userIdStrategy": {            "stapler-class":"jenkins.model.IdStrategy$CaseInsensitive",             "$class":"jenkins.model.IdStrategy$CaseInsensitive"         } ,          "groupIdStrategy": {            "stapler-class":"jenkins.model.IdStrategy$CaseInsensitive",             "$class":"jenkins.model.IdStrategy$CaseInsensitive"         } ,          "disableMailAddressResolver":false,          "disableRolePrefixing":true      },       {         "$enabled":false,          "$id":"hudson.security.LegacySecurityRealm"      }    ]}

          Kalle Niemitalo added a comment - - edited

          Is there a stack trace for this exception? More than just this

          at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON("RequestImpl.java":"683)

          Kalle Niemitalo added a comment - - edited Is there a stack trace for this exception? More than just this at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON("RequestImpl.java":"683)

          hz hz added a comment - - edited
          java.lang.IllegalArgumentException: Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealmjava.lang.IllegalArgumentException: Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON(RequestImpl.java:683)Caused: java.lang.IllegalArgumentException: Failed to instantiate class hudson.security.LDAPSecurityRealm from {"value":"3","stapler-class":"hudson.security.MixingSecurityRealm","$class":"hudson.security.MixingSecurityRealm","allowsSignup":false,"priority":true,"optional":[{"$enabled":false,"$id":"hudson.security.SecurityRealm$None"},{"$enabled":false,"$id":"hudson.security.PAMSecurityRealm","serviceName":""},{"$enabled":true,"$id":"hudson.security.LDAPSecurityRealm","configurations":{"server":"ldap://www.example.com","rootDN":"dc=example,dc=com","inhibitInferRootDN":false,"userSearchBase":"OU=User Accounts","userSearch":"userPrincipalName={0}","groupSearchBase":"OU=Groups","groupSearchFilter":"(objectClass=group)","groupMembershipStrategy":{"value":"0","attributeName":"memberOf","stapler-class<span class="code-quote">":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy","$class<span class="code-quote">":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy"},"managerDN":"CN=ci-build-onprembuild,OU=Service Accounts,OU=User Accounts,DC=example,DC=com","managerPasswordSecret":"[value redacted]","$redact":"managerPasswordSecret","displayNameAttributeName":"displayname","mailAddressAttributeName":"mail","ignoreIfUnavailable":false},"":["0","0"],"userIdStrategy":{"stapler-class<span class="code-quote">":"jenkins.model.IdStrategy$CaseInsensitive","$class<span class="code-quote">":"jenkins.model.IdStrategy$CaseInsensitive"},"groupIdStrategy":{"stapler-class<span class="code-quote">":"jenkins.model.IdStrategy$CaseInsensitive","$class<span class="code-quote">":"jenkins.model.IdStrategy$CaseInsensitive"},"disableMailAddressResolver":false,"disableRolePrefixing":true},{"$enabled":false,"$id":"hudson.security.LegacySecurityRealm"}]} at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON(RequestImpl.java:693) at org.kohsuke.stapler.RequestImpl.bindJSON(RequestImpl.java:490) at org.kohsuke.stapler.RequestImpl.bindJSON(RequestImpl.java:486) at hudson.security.LDAPSecurityRealm$DescriptorImpl.doValidate(LDAPSecurityRealm.java:1543) at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:710) at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:393)Caused: java.lang.reflect.InvocationTargetException at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:405) at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:77) at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:208) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:141) at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:536) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898) at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:281) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:694) at org.kohsuke.stapler.Stapler.service(Stapler.java:240) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1626) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:156) at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:80) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:153) at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:128) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:153) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:159) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:153) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:92) at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:53) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:121) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:115) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:105) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:101) at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:92) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:218) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:62) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:109) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:51) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:85) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:39) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:578) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.Server.handle(Server.java:516) at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:386) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) at java.base/java.lang.Thread.run(Thread.java:829)
          

          here is the stack trace. thank you so much for your quick respons 

          hz hz added a comment - - edited java.lang.IllegalArgumentException: Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealmjava.lang.IllegalArgumentException: Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON(RequestImpl.java:683)Caused: java.lang.IllegalArgumentException: Failed to instantiate class hudson.security.LDAPSecurityRealm from { "value" : "3" , "stapler-class" : "hudson.security.MixingSecurityRealm" , "$class" : "hudson.security.MixingSecurityRealm" , "allowsSignup" : false , "priority" : true , "optional" :[{ "$enabled" : false , "$id" : "hudson.security.SecurityRealm$None" },{ "$enabled" : false , "$id" : "hudson.security.PAMSecurityRealm" , "serviceName" : ""},{" $enabled ": true ," $id ":" hudson.security.LDAPSecurityRealm "," configurations ":{" server ":" ldap: //www.example.com "," rootDN ":" dc=example,dc=com "," inhibitInferRootDN ": false ," userSearchBase ":" OU=User Accounts "," userSearch ":" userPrincipalName={0} "," groupSearchBase ":" OU=Groups "," groupSearchFilter ":" (objectClass=group) "," groupMembershipStrategy ":{" value ":" 0 "," attributeName ":" memberOf "," stapler- class& lt;span class= "code-quote" > ":" jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy "," $ class& lt;span class= "code-quote" > ":" jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy "}," managerDN ":" CN=ci-build-onprembuild,OU=Service Accounts,OU=User Accounts,DC=example,DC=com "," managerPasswordSecret ":" [value redacted] "," $redact ":" managerPasswordSecret "," displayNameAttributeName ":" displayname "," mailAddressAttributeName ":" mail "," ignoreIfUnavailable ": false }," ":[" 0 "," 0 "]," userIdStrategy ":{" stapler- class& lt;span class= "code-quote" > ":" jenkins.model.IdStrategy$CaseInsensitive "," $ class& lt;span class= "code-quote" > ":" jenkins.model.IdStrategy$CaseInsensitive "}," groupIdStrategy ":{" stapler- class& lt;span class= "code-quote" > ":" jenkins.model.IdStrategy$CaseInsensitive "," $ class& lt;span class= "code-quote" > ":" jenkins.model.IdStrategy$CaseInsensitive "}," disableMailAddressResolver ": false ," disableRolePrefixing ": true },{" $enabled ": false ," $id ":" hudson.security.LegacySecurityRealm"}]} at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON(RequestImpl.java:693) at org.kohsuke.stapler.RequestImpl.bindJSON(RequestImpl.java:490) at org.kohsuke.stapler.RequestImpl.bindJSON(RequestImpl.java:486) at hudson.security.LDAPSecurityRealm$DescriptorImpl.doValidate(LDAPSecurityRealm.java:1543) at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:710) at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:393)Caused: java.lang.reflect.InvocationTargetException at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:405) at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:77) at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:208) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:141) at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:536) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898) at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:281) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:694) at org.kohsuke.stapler.Stapler.service(Stapler.java:240) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1626) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:156) at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:80) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:153) at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:128) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:153) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:159) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:153) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:92) at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:53) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:121) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:115) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:105) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:101) at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:92) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:218) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:62) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:109) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:51) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:85) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:39) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:578) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.Server.handle(Server.java:516) at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:386) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) at java.base/java.lang. Thread .run( Thread .java:829) here is the stack trace. thank you so much for your quick respons 

          Loren Alatan added a comment -

          Hi promissing I tried installing the https://github.com/wenjunxiao/mixing-security-realm-plugin plugin. It kind of works having ldap users and a local jenkins user at the same time but ldap groups were not allowed. Are you aware of this issue?
          Thank you very much.

          Loren Alatan added a comment - Hi promissing I tried installing the https://github.com/wenjunxiao/mixing-security-realm-plugin plugin. It kind of works having ldap users and a local jenkins user at the same time but ldap groups were not allowed. Are you aware of this issue? Thank you very much.

          Loren Alatan added a comment -

          Tried updating Active Directory plugin to 2.25.1 from 2.25 but it became worse. LDAP users and groups are not working anymore.

          Loren Alatan added a comment - Tried updating Active Directory plugin to 2.25.1 from 2.25 but it became worse. LDAP users and groups are not working anymore.

            Unassigned Unassigned
            abrowne abrowne
            Votes:
            64 Vote for this issue
            Watchers:
            61 Start watching this issue

              Created:
              Updated: