-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
Major
-
Component/s: core
-
Environment:- Jenkins 2.2
- Server OS: Windows 7 Enterprise (64-bit)
- Plugins: ace-editor 1.1, active-directory 1.45, ant 1.2, antisamy-markup-formatter 1.3, any-buildstep 0.1, branch-api 1.7, build-pipeline-plugin 1.5.2, buildresult-trigger 0.17, cloudbees-folder 5.9, conditional-buildstep 1.3.3, credentials 1.28, credentials-binding 1.7, cvs 2.12, dashboard-view 2.9.7, durable-task 1.9, extended-choice-parameter 0.72, external-monitor-job 1.4, fstrigger 0.39, flexible-publish 0.15.2, handlebars 1.1.1, git 2.4.4, git-client 1.19.6, git-server 1.6, github 1.19.0, github-api 1.75, github-branch-source 1.6, github-organization-folder 1.3, icon-shim 2.0.3, javadoc 1.3, job-restrictions 0.4, jquery 1.11.2-0, jquery-detached 1.2.1, junit 1.13, ldap 1.12, mailer 1.17, mapdb-api 1.0.6.0, matrix-auth 1.3.2, matrix-project 1.6, maven-plugin 1.12.1, multi-slave-config-plugin 1.2.0, nodelabelparameter 1.7.2, momentjs 1.1.1, pam-auth 1.2, parameterized-trigger 2.30, pipeline-build-step 2.0, pipeline-input-step 2.0, pipeline-stage-view 1.3, pipeline-stage-step 2.1, plain-credentials 1.1, powershell 1.3, run-condition 1.0, scm-api 1.2, scm-sync-configuration 0.0.9, script-security 1.19, ssh-credentials 1.11, ssh 2.4, ssh-slaves 1.11, structs 1.1, subversion 2.5.7, token-macro 1.12.1, translation 1.14, windows-exe-runner 1.2, windows-slaves 1.1, workflow-aggregator 2.1, workflow-api 2.0, workflow-basic-steps 2.0, workflow-cps 2.2, workflow-job 2.1, workflow-multibranch 2.3, workflow-durable-task-step 2.0, workflow-scm-step 2.0, workflow-cps-global-lib 2.0, workflow-step-api 2.0, workflow-support 2.0
- Jenkins configured to serve via HTTPS on port 443 using a certificate
- Configured Jenkins URL is https://servername_vm.example.com/ (hostname is equal to the machine's FQDN)
- Browser: Chrome 50- Jenkins 2.2 - Server OS: Windows 7 Enterprise (64-bit) - Plugins: ace-editor 1.1, active-directory 1.45, ant 1.2, antisamy-markup-formatter 1.3, any-buildstep 0.1, branch-api 1.7, build-pipeline-plugin 1.5.2, buildresult-trigger 0.17, cloudbees-folder 5.9, conditional-buildstep 1.3.3, credentials 1.28, credentials-binding 1.7, cvs 2.12, dashboard-view 2.9.7, durable-task 1.9, extended-choice-parameter 0.72, external-monitor-job 1.4, fstrigger 0.39, flexible-publish 0.15.2, handlebars 1.1.1, git 2.4.4, git-client 1.19.6, git-server 1.6, github 1.19.0, github-api 1.75, github-branch-source 1.6, github-organization-folder 1.3, icon-shim 2.0.3, javadoc 1.3, job-restrictions 0.4, jquery 1.11.2-0, jquery-detached 1.2.1, junit 1.13, ldap 1.12, mailer 1.17, mapdb-api 1.0.6.0, matrix-auth 1.3.2, matrix-project 1.6, maven-plugin 1.12.1, multi-slave-config-plugin 1.2.0, nodelabelparameter 1.7.2, momentjs 1.1.1, pam-auth 1.2, parameterized-trigger 2.30, pipeline-build-step 2.0, pipeline-input-step 2.0, pipeline-stage-view 1.3, pipeline-stage-step 2.1, plain-credentials 1.1, powershell 1.3, run-condition 1.0, scm-api 1.2, scm-sync-configuration 0.0.9, script-security 1.19, ssh-credentials 1.11, ssh 2.4, ssh-slaves 1.11, structs 1.1, subversion 2.5.7, token-macro 1.12.1, translation 1.14, windows-exe-runner 1.2, windows-slaves 1.1, workflow-aggregator 2.1, workflow-api 2.0, workflow-basic-steps 2.0, workflow-cps 2.2, workflow-job 2.1, workflow-multibranch 2.3, workflow-durable-task-step 2.0, workflow-scm-step 2.0, workflow-cps-global-lib 2.0, workflow-step-api 2.0, workflow-support 2.0 - Jenkins configured to serve via HTTPS on port 443 using a certificate - Configured Jenkins URL is https://servername_vm.example.com/ (hostname is equal to the machine's FQDN) - Browser: Chrome 50
When accessing via a hostname with an underscore, many (or perhaps even all; I haven't enumerated) XHR requests fail – either with a 403 unauthorized (when logged in) or with a 200 OK but blank response (if I log in as anonymous, with anonymous granted Administer privileges).
Here are a few examples:
- At /configureSecurity/: XHR calls to /descriptorByName/hudson.security.GlobalMatrixAuthorizationStrategy/checkName?value=%5Busername%5D return either 403 (if logged in) or 200 but blank response (if anonymous w/anonymous granted Administer)
- At /configureSecurity/: clicking Save or Apply results in an error where an ActiveDirectorySecurityRealm failed to instantiate in org.kohsuke.stapler.Stapler.tryInvoke (Stapler.java:796)
- At /configure: XHR call to /$stapler/bound/[a GUID]/render returns 404 Not Found
- At /configure: all other XHR calls executed on load (/checkAdminAddress, checkDefaultSuffix, checkGitUrl, etc.) return 200 OK but have an empty response.
This issue has been tested and found present in 1.6, 2.2, and 2.3 (I haven't tested any other versions).
In 2.0+, this results in several major functionality blockers – e.g. the New Item page is blank.
