Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-34881

InstallationWizard: "Create first account" pops up if SecurityRealm is configured by startup scripts

      We have a custom WAR package, which initializes Security settings on startup by Groovy Boot Hook scripts. So security is actually configured when the installation wizard starts.

      In such case "Create first account" causes confusion, because it actually does not create a user. And this screen is not required at all in such case.

      When I create user instead of skipping the step, I get a fatal error:

      Caused by: java.lang.ClassCastException: com.cloudbees.opscenter.security.OperationsCenterSecurityRealm cannot be cast to hudson.security.HudsonPrivateSecurityRealm
      	at jenkins.install.SetupWizard.doCreateAdminUser(SetupWizard.java:176)
      	... 80 more
      

      Workaround: Skip user creation

          [JENKINS-34881] InstallationWizard: "Create first account" pops up if SecurityRealm is configured by startup scripts

          Oleg Nenashev created issue -
          Oleg Nenashev made changes -
          Description Original: We have a custom WAR package, which initializes Security settings on startup by Groovy Boot Hook scripts. So security is actually configured when the installation wizard starts.

          In such case "Create first account" causes confusion, because it actually does not create a user. And this screen is not required at all in such case.

          New: We have a custom WAR package, which initializes Security settings on startup by Groovy Boot Hook scripts. So security is actually configured when the installation wizard starts.

          In such case "Create first account" causes confusion, because it actually does not create a user. And this screen is not required at all in such case.

          When I create user instead of skipping the step, I get a fatal error:

          {noformat}
          Caused by: java.lang.ClassCastException: com.cloudbees.opscenter.security.OperationsCenterSecurityRealm cannot be cast to hudson.security.HudsonPrivateSecurityRealm
          at jenkins.install.SetupWizard.doCreateAdminUser(SetupWizard.java:176)
          ... 80 more
          {noformat}

          Workaround: Skip user creation
          Priority Original: Major [ 3 ] New: Critical [ 2 ]
          Keith Zantow made changes -
          Assignee New: Keith Zantow [ kzantow ]
          Keith Zantow made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Keith Zantow made changes -
          Remote Link New: This issue links to "PR 2364 (Web Link)" [ 14328 ]

          Code changed in jenkins
          User: Keith Zantow
          Path:
          core/src/main/java/hudson/PluginManager.java
          core/src/main/java/jenkins/install/InstallState.java
          core/src/main/java/jenkins/install/InstallUtil.java
          core/src/main/java/jenkins/install/SetupWizard.java
          core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token.jelly
          http://jenkins-ci.org/commit/jenkins/723dfca37bcf3fecd33c75eaca01ce0d07014d70
          Log:
          [FIXED JENKINS-34881] - Handle pre-configured security settings for new installs (#2364)

          • [FIXED JENKINS-34881] - handle non-default security settings for new installs
          • Ensure permissions
          • Initial security authentication token should still follow redirects

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Keith Zantow Path: core/src/main/java/hudson/PluginManager.java core/src/main/java/jenkins/install/InstallState.java core/src/main/java/jenkins/install/InstallUtil.java core/src/main/java/jenkins/install/SetupWizard.java core/src/main/resources/jenkins/install/SetupWizard/authenticate-security-token.jelly http://jenkins-ci.org/commit/jenkins/723dfca37bcf3fecd33c75eaca01ce0d07014d70 Log: [FIXED JENKINS-34881] - Handle pre-configured security settings for new installs (#2364) [FIXED JENKINS-34881] - handle non-default security settings for new installs Ensure permissions Initial security authentication token should still follow redirects
          SCM/JIRA link daemon made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: In Progress [ 3 ] New: Resolved [ 5 ]
          Oleg Nenashev made changes -
          Labels Original: installation installationWizard ui New: installation installationWizard lts-candidate ui

          Oleg Nenashev added a comment -

          I nominate it for LTS backporting, because this issue really breaks the stuff for preconfigured security settings (by plugins or Groovy hook scripts)

          Oleg Nenashev added a comment - I nominate it for LTS backporting, because this issue really breaks the stuff for preconfigured security settings (by plugins or Groovy hook scripts)
          Oliver Gondža made changes -
          Labels Original: installation installationWizard lts-candidate ui New: 2.7.1-fixed installation installationWizard ui

            kzantow Keith Zantow
            oleg_nenashev Oleg Nenashev
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: