Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-34881

InstallationWizard: "Create first account" pops up if SecurityRealm is configured by startup scripts

      We have a custom WAR package, which initializes Security settings on startup by Groovy Boot Hook scripts. So security is actually configured when the installation wizard starts.

      In such case "Create first account" causes confusion, because it actually does not create a user. And this screen is not required at all in such case.

      When I create user instead of skipping the step, I get a fatal error:

      Caused by: java.lang.ClassCastException: com.cloudbees.opscenter.security.OperationsCenterSecurityRealm cannot be cast to hudson.security.HudsonPrivateSecurityRealm
      	at jenkins.install.SetupWizard.doCreateAdminUser(SetupWizard.java:176)
      	... 80 more
      

      Workaround: Skip user creation

          [JENKINS-34881] InstallationWizard: "Create first account" pops up if SecurityRealm is configured by startup scripts

          Code changed in jenkins
          User: Keith Zantow
          Path:
          core/src/main/java/hudson/PluginManager.java
          core/src/main/java/jenkins/install/InstallState.java
          core/src/main/java/jenkins/install/InstallUtil.java
          core/src/main/java/jenkins/install/SetupWizard.java
          core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token.jelly
          http://jenkins-ci.org/commit/jenkins/723dfca37bcf3fecd33c75eaca01ce0d07014d70
          Log:
          [FIXED JENKINS-34881] - Handle pre-configured security settings for new installs (#2364)

          • [FIXED JENKINS-34881] - handle non-default security settings for new installs
          • Ensure permissions
          • Initial security authentication token should still follow redirects

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Keith Zantow Path: core/src/main/java/hudson/PluginManager.java core/src/main/java/jenkins/install/InstallState.java core/src/main/java/jenkins/install/InstallUtil.java core/src/main/java/jenkins/install/SetupWizard.java core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token.jelly http://jenkins-ci.org/commit/jenkins/723dfca37bcf3fecd33c75eaca01ce0d07014d70 Log: [FIXED JENKINS-34881] - Handle pre-configured security settings for new installs (#2364) [FIXED JENKINS-34881] - handle non-default security settings for new installs Ensure permissions Initial security authentication token should still follow redirects

          Oleg Nenashev added a comment -

          I nominate it for LTS backporting, because this issue really breaks the stuff for preconfigured security settings (by plugins or Groovy hook scripts)

          Oleg Nenashev added a comment - I nominate it for LTS backporting, because this issue really breaks the stuff for preconfigured security settings (by plugins or Groovy hook scripts)

          Code changed in jenkins
          User: Keith Zantow
          Path:
          core/src/main/java/hudson/PluginManager.java
          core/src/main/java/jenkins/install/InstallState.java
          core/src/main/java/jenkins/install/InstallUtil.java
          core/src/main/java/jenkins/install/SetupWizard.java
          core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token.jelly
          http://jenkins-ci.org/commit/jenkins/1fef3f4b73dcd01d44bfc5275c5e2bfa963a74ae
          Log:
          [FIXED JENKINS-34881] - Handle pre-configured security settings for new installs (#2364)

          • [FIXED JENKINS-34881] - handle non-default security settings for new installs
          • Ensure permissions
          • Initial security authentication token should still follow redirects

          (cherry picked from commit 723dfca37bcf3fecd33c75eaca01ce0d07014d70)

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Keith Zantow Path: core/src/main/java/hudson/PluginManager.java core/src/main/java/jenkins/install/InstallState.java core/src/main/java/jenkins/install/InstallUtil.java core/src/main/java/jenkins/install/SetupWizard.java core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token.jelly http://jenkins-ci.org/commit/jenkins/1fef3f4b73dcd01d44bfc5275c5e2bfa963a74ae Log: [FIXED JENKINS-34881] - Handle pre-configured security settings for new installs (#2364) [FIXED JENKINS-34881] - handle non-default security settings for new installs Ensure permissions Initial security authentication token should still follow redirects (cherry picked from commit 723dfca37bcf3fecd33c75eaca01ce0d07014d70)

            kzantow Keith Zantow
            oleg_nenashev Oleg Nenashev
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: