Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-3404

mix LDAP and local Hudson users

    XMLWordPrintable

Details

    • Improvement
    • Status: Open (View Workflow)
    • Trivial
    • Resolution: Unresolved
    • _unsorted, ldap-plugin
    • None
    • Platform: All, OS: All

    Description

      Would it be possible to add the following feature: have users in both LDAP and
      the the local Hudson database?

      We currently have most of our users in LDAP, but a few are not in AD (student
      employees, people in other OUs). For these users, we would like to add them as
      local Hudson users, while maintaining the LDAP users. Basically, we want to mix
      the two: LDAP and local Hudson users. Thanks in advance.

      Also, the subcomponent for this issue is not correct; but it wouldn't let me
      submit this without choosing one. Sorry!

      Attachments

        Issue Links

          Activity

            hz hz hz added a comment - - edited

            Hi I'd like to ask if you guys have such issue. I need to config mixing security realm to support Jenkins own users database and ldap. if I setup ldap only it verified successfully. but if I config ldap inside mix plugin I got following exception. 

            I am using java-11-openjdk-11.0.12.0.7-0.el7_9.x86_64 and Jenkins 2.316

             

            "java.lang.IllegalArgumentException":Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm"java.lang.IllegalArgumentException":Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON("RequestImpl.java":"683)Caused":"java.lang.IllegalArgumentException":"Failed to instantiate class hudson.security.LDAPSecurityRealm from"{   "value":"3",
               "stapler-class":"hudson.security.MixingSecurityRealm",
               "$class":"hudson.security.MixingSecurityRealm",
               "allowsSignup":false,
               "priority":true,
               "optional":[     

            {         "$enabled":false,          "$id":"hudson.security.SecurityRealm$None"      }

            ,
                 

            {         "$enabled":false,          "$id":"hudson.security.PAMSecurityRealm",          "serviceName":""      }

            ,
                  {         "$enabled":true,
                     "$id":"hudson.security.LDAPSecurityRealm",
                     "configurations":

            {            "server":"ldap://www.example.com",             "rootDN":"dc=example,dc=com",             "inhibitInferRootDN":false,             "userSearchBase":"OU=User Accounts",             "userSearch":"userPrincipalName=

            {0}

            ",
                        "groupSearchBase":"OU=Groups",
                        "groupSearchFilter":"(objectClass=group)",
                        "groupMembershipStrategy":

            {               "value":"0",                "attributeName":"memberOf",                "stapler-class":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy",                "$class":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy"            }

            ,
                        "managerDN":"CN=onprembuild,OU=Service Accounts,OU=User Accounts,DC=example,DC=com",
                        "managerPasswordSecret":"[value redacted]",
                        "$redact":"managerPasswordSecret",
                        "displayNameAttributeName":"displayname",
                        "mailAddressAttributeName":"mail",
                        "ignoreIfUnavailable":false         },
                     "":[            "0",
                        "0"         ],
                     "userIdStrategy":

            {            "stapler-class":"jenkins.model.IdStrategy$CaseInsensitive",             "$class":"jenkins.model.IdStrategy$CaseInsensitive"         }

            ,
                     "groupIdStrategy":

            {            "stapler-class":"jenkins.model.IdStrategy$CaseInsensitive",             "$class":"jenkins.model.IdStrategy$CaseInsensitive"         }

            ,
                     "disableMailAddressResolver":false,
                     "disableRolePrefixing":true      },
                 

            {         "$enabled":false,          "$id":"hudson.security.LegacySecurityRealm"      }

               ]}

            hz hz hz added a comment - - edited Hi I'd like to ask if you guys have such issue. I need to config mixing security realm to support Jenkins own users database and ldap. if I setup ldap only it verified successfully. but if I config ldap inside mix plugin I got following exception.  I am using java-11-openjdk-11.0.12.0.7-0.el7_9.x86_64 and Jenkins 2.316   "java.lang.IllegalArgumentException":Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm"java.lang.IllegalArgumentException":Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON("RequestImpl.java":"683)Caused":"java.lang.IllegalArgumentException":"Failed to instantiate class hudson.security.LDAPSecurityRealm from"{   "value":"3",    "stapler-class":"hudson.security.MixingSecurityRealm",    "$class":"hudson.security.MixingSecurityRealm",    "allowsSignup":false,    "priority":true,    "optional":[      {         "$enabled":false,          "$id":"hudson.security.SecurityRealm$None"      } ,       {         "$enabled":false,          "$id":"hudson.security.PAMSecurityRealm",          "serviceName":""      } ,       {         "$enabled":true,          "$id":"hudson.security.LDAPSecurityRealm",          "configurations": {            "server":"ldap://www.example.com",             "rootDN":"dc=example,dc=com",             "inhibitInferRootDN":false,             "userSearchBase":"OU=User Accounts",             "userSearch":"userPrincipalName= {0} ",             "groupSearchBase":"OU=Groups",             "groupSearchFilter":"(objectClass=group)",             "groupMembershipStrategy": {               "value":"0",                "attributeName":"memberOf",                "stapler-class":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy",                "$class":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy"            } ,             "managerDN":"CN=onprembuild,OU=Service Accounts,OU=User Accounts,DC=example,DC=com",             "managerPasswordSecret":" [value redacted] ",             "$redact":"managerPasswordSecret",             "displayNameAttributeName":"displayname",             "mailAddressAttributeName":"mail",             "ignoreIfUnavailable":false         },          "":[            "0",             "0"         ],          "userIdStrategy": {            "stapler-class":"jenkins.model.IdStrategy$CaseInsensitive",             "$class":"jenkins.model.IdStrategy$CaseInsensitive"         } ,          "groupIdStrategy": {            "stapler-class":"jenkins.model.IdStrategy$CaseInsensitive",             "$class":"jenkins.model.IdStrategy$CaseInsensitive"         } ,          "disableMailAddressResolver":false,          "disableRolePrefixing":true      },       {         "$enabled":false,          "$id":"hudson.security.LegacySecurityRealm"      }    ]}
            kon Kalle Niemitalo added a comment - - edited

            Is there a stack trace for this exception? More than just this

            at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON("RequestImpl.java":"683)

            kon Kalle Niemitalo added a comment - - edited Is there a stack trace for this exception? More than just this at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON("RequestImpl.java":"683)
            hz hz hz added a comment - - edited
            java.lang.IllegalArgumentException: Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealmjava.lang.IllegalArgumentException: Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON(RequestImpl.java:683)Caused: java.lang.IllegalArgumentException: Failed to instantiate class hudson.security.LDAPSecurityRealm from {"value":"3","stapler-class":"hudson.security.MixingSecurityRealm","$class":"hudson.security.MixingSecurityRealm","allowsSignup":false,"priority":true,"optional":[{"$enabled":false,"$id":"hudson.security.SecurityRealm$None"},{"$enabled":false,"$id":"hudson.security.PAMSecurityRealm","serviceName":""},{"$enabled":true,"$id":"hudson.security.LDAPSecurityRealm","configurations":{"server":"ldap://www.example.com","rootDN":"dc=example,dc=com","inhibitInferRootDN":false,"userSearchBase":"OU=User Accounts","userSearch":"userPrincipalName={0}","groupSearchBase":"OU=Groups","groupSearchFilter":"(objectClass=group)","groupMembershipStrategy":{"value":"0","attributeName":"memberOf","stapler-class<span class="code-quote">":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy","$class<span class="code-quote">":"jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy"},"managerDN":"CN=ci-build-onprembuild,OU=Service Accounts,OU=User Accounts,DC=example,DC=com","managerPasswordSecret":"[value redacted]","$redact":"managerPasswordSecret","displayNameAttributeName":"displayname","mailAddressAttributeName":"mail","ignoreIfUnavailable":false},"":["0","0"],"userIdStrategy":{"stapler-class<span class="code-quote">":"jenkins.model.IdStrategy$CaseInsensitive","$class<span class="code-quote">":"jenkins.model.IdStrategy$CaseInsensitive"},"groupIdStrategy":{"stapler-class<span class="code-quote">":"jenkins.model.IdStrategy$CaseInsensitive","$class<span class="code-quote">":"jenkins.model.IdStrategy$CaseInsensitive"},"disableMailAddressResolver":false,"disableRolePrefixing":true},{"$enabled":false,"$id":"hudson.security.LegacySecurityRealm"}]} at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON(RequestImpl.java:693) at org.kohsuke.stapler.RequestImpl.bindJSON(RequestImpl.java:490) at org.kohsuke.stapler.RequestImpl.bindJSON(RequestImpl.java:486) at hudson.security.LDAPSecurityRealm$DescriptorImpl.doValidate(LDAPSecurityRealm.java:1543) at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:710) at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:393)Caused: java.lang.reflect.InvocationTargetException at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:405) at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:77) at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:208) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:141) at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:536) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898) at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:281) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:694) at org.kohsuke.stapler.Stapler.service(Stapler.java:240) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1626) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:156) at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:80) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:153) at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:128) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:153) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:159) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:153) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:92) at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:53) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:121) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:115) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:105) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:101) at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:92) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:218) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:62) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:109) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:51) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:85) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:39) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:578) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.Server.handle(Server.java:516) at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:386) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) at java.base/java.lang.Thread.run(Thread.java:829)
            

            here is the stack trace. thank you so much for your quick respons 

            hz hz hz added a comment - - edited java.lang.IllegalArgumentException: Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealmjava.lang.IllegalArgumentException: Specified type class hudson.security.MixingSecurityRealm is not assignable to the expected class hudson.security.LDAPSecurityRealm at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON(RequestImpl.java:683)Caused: java.lang.IllegalArgumentException: Failed to instantiate class hudson.security.LDAPSecurityRealm from { "value" : "3" , "stapler-class" : "hudson.security.MixingSecurityRealm" , "$class" : "hudson.security.MixingSecurityRealm" , "allowsSignup" : false , "priority" : true , "optional" :[{ "$enabled" : false , "$id" : "hudson.security.SecurityRealm$None" },{ "$enabled" : false , "$id" : "hudson.security.PAMSecurityRealm" , "serviceName" : ""},{" $enabled ": true ," $id ":" hudson.security.LDAPSecurityRealm "," configurations ":{" server ":" ldap: //www.example.com "," rootDN ":" dc=example,dc=com "," inhibitInferRootDN ": false ," userSearchBase ":" OU=User Accounts "," userSearch ":" userPrincipalName={0} "," groupSearchBase ":" OU=Groups "," groupSearchFilter ":" (objectClass=group) "," groupMembershipStrategy ":{" value ":" 0 "," attributeName ":" memberOf "," stapler- class& lt;span class= "code-quote" > ":" jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy "," $ class& lt;span class= "code-quote" > ":" jenkins.security.plugins.ldap.FromUserRecordLDAPGroupMembershipStrategy "}," managerDN ":" CN=ci-build-onprembuild,OU=Service Accounts,OU=User Accounts,DC=example,DC=com "," managerPasswordSecret ":" [value redacted] "," $redact ":" managerPasswordSecret "," displayNameAttributeName ":" displayname "," mailAddressAttributeName ":" mail "," ignoreIfUnavailable ": false }," ":[" 0 "," 0 "]," userIdStrategy ":{" stapler- class& lt;span class= "code-quote" > ":" jenkins.model.IdStrategy$CaseInsensitive "," $ class& lt;span class= "code-quote" > ":" jenkins.model.IdStrategy$CaseInsensitive "}," groupIdStrategy ":{" stapler- class& lt;span class= "code-quote" > ":" jenkins.model.IdStrategy$CaseInsensitive "," $ class& lt;span class= "code-quote" > ":" jenkins.model.IdStrategy$CaseInsensitive "}," disableMailAddressResolver ": false ," disableRolePrefixing ": true },{" $enabled ": false ," $id ":" hudson.security.LegacySecurityRealm"}]} at org.kohsuke.stapler.RequestImpl$TypePair.convertJSON(RequestImpl.java:693) at org.kohsuke.stapler.RequestImpl.bindJSON(RequestImpl.java:490) at org.kohsuke.stapler.RequestImpl.bindJSON(RequestImpl.java:486) at hudson.security.LDAPSecurityRealm$DescriptorImpl.doValidate(LDAPSecurityRealm.java:1543) at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:710) at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:393)Caused: java.lang.reflect.InvocationTargetException at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:405) at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:77) at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:208) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:141) at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:536) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898) at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:281) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:694) at org.kohsuke.stapler.Stapler.service(Stapler.java:240) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1626) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:156) at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:80) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:153) at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:128) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:153) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:159) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:153) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:92) at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:53) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:121) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:115) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:105) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:101) at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:92) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:218) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:62) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:97) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:109) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:51) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:85) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:39) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:578) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.Server.handle(Server.java:516) at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:386) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) at java.base/java.lang. Thread .run( Thread .java:829) here is the stack trace. thank you so much for your quick respons 
            peachy_devops Loren Alatan added a comment -

            Hi promissing I tried installing the https://github.com/wenjunxiao/mixing-security-realm-plugin plugin. It kind of works having ldap users and a local jenkins user at the same time but ldap groups were not allowed. Are you aware of this issue?
            Thank you very much.

            peachy_devops Loren Alatan added a comment - Hi promissing I tried installing the https://github.com/wenjunxiao/mixing-security-realm-plugin plugin. It kind of works having ldap users and a local jenkins user at the same time but ldap groups were not allowed. Are you aware of this issue? Thank you very much.
            peachy_devops Loren Alatan added a comment -

            Tried updating Active Directory plugin to 2.25.1 from 2.25 but it became worse. LDAP users and groups are not working anymore.

            peachy_devops Loren Alatan added a comment - Tried updating Active Directory plugin to 2.25.1 from 2.25 but it became worse. LDAP users and groups are not working anymore.

            People

              Unassigned Unassigned
              abrowne abrowne
              Votes:
              62 Vote for this issue
              Watchers:
              60 Start watching this issue

              Dates

                Created:
                Updated: