
Jenkins github oAuth breaks UI in anonymous login

    • Type: Bug
    • Resolution: Fixed
    • Priority: Major
    • github-oauth-plugin
    • None
    • Jenkins 2.5, GitHub oAuth 0.23

      Seeing "java.lang.ClassCastException: org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken cannot be cast to org.jenkinsci.plugins.GithubAuthenticationToken" errors on Jenkins 2.5, GitHub oAuth 0.23 with the user interface images (i.e. http://jenkins/static/0e8678ad/images/32x32/red.png ) when users are anonymous.

          [JENKINS-34894] Jenkins github oAuth breaks UI in anonymous login

          Ronald Gundlach-Chmara added a comment - - edited

          Disabling 243, as suggested in a possibly related bug, did not fix.

          JENKINS_JAVA_OPTIONS="-Dhudson.model.User.SECURITY_243_FULL_DEFENSE=false"

          Sam Gleske added a comment -

          Can you describe more about how you reproduce it? I have no idea how to authenticate with AnonymousAuthenticationToken. Please describe how you've configured Jenkins with OAuth and any curl commands or other commands you're using to trigger the error.

          Ronald Gundlach-Chmara added a comment -

          Environment details: A Local GitHub Enterprise 2.6.1 install is the auth verification source. Using GitHub Committer Authorization Strategy. Attached screenshot links show settings used for security/auth, and settings used for jenkins github config. (There is a lab install, and a corp install, I have lab for testing).

          Jenkins GitHub settings (in case they're relevant):
          https://www.dropbox.com/s/xah9mth12ip1e96/GitHuboAuthsettings.png?dl=0
          In this link, the generic "GitHub Servers", there is the lab server used for local authentication, and in "GitHub Enterprise Servers", there are the lab and production servers. (Attempting to remove the lab server from the github servers has no effect.)

          Jenkins GitHub in Security:
          https://www.dropbox.com/s/ukxais4v5yj7hyz/GitHuboAuthsettings2.png?dl=0
          In this link, the lab server is being used for GitHub oAuth, with GitHub Committer Authorization strategy, with all options allowed save for "Create Job.."

          Longer stacktrace of the error:

          java.lang.ClassCastException: org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken cannot be cast to org.jenkinsci.plugins.GithubAuthenticationToken
          at org.jenkinsci.plugins.GithubSecurityRealm.loadUserByUsername(GithubSecurityRealm.java:639)
          at hudson.model.User$UserIDCanonicalIdResolver.resolveCanonicalId(User.java:1050)
          at hudson.model.User.get(User.java:395)
          at hudson.model.User.get(User.java:364)
          at jenkins.model.Jenkins.getUser(Jenkins.java:2642)
          at hudson.plugins.greenballs.GreenBallFilter.mapImage(GreenBallFilter.java:67)
          at hudson.plugins.greenballs.GreenBallFilter.doFilter(GreenBallFilter.java:48)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132)
          at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:126)
          at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
          ....

          Ronald Gundlach-Chmara added a comment -

          Before logging in (subset of screen for brevity):
          https://www.dropbox.com/s/8i5g21syy2otk7n/imageui1.png?dl=0
          After logging in:
          https://www.dropbox.com/s/6xv5yjzjc2fu60s/imageui2.png?dl=0

          Sam Gleske added a comment -

          Released 0.24. It should be available in about 8 hrs in the update center. Or download it at https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/github-oauth/0.24/github-oauth-0.24.hpi

          It handles the exception you experienced I believe. Please confirm for me if the issue is resolved.

          Steffen Gebert added a comment -

          Fixes this issue for me. Thanks a lot!

          Ronald Gundlach-Chmara added a comment -

          UI elements now showing up correctly when not logged in. With 0.24.

          Sam Gleske added a comment -

          Great! Thanks for reporting back everyone.


            sag47 Sam Gleske
            ronabop Ronald Gundlach-Chmara
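
The stack trace in this issue shows an anonymous request's token being downcast to the plugin's GitHub token type during a user lookup triggered by a servlet filter on a static image. The following is an added example, not the plugin's code or its 0.24 fix: `AnonymousToken`, `GithubToken` and both `loadUser...` methods are simplified, hypothetical stand-ins that contrast the unchecked cast with a type-checked lookup that fails closed.

```java
import java.util.Optional;

// Stand-ins for the two token types named in the stack trace; these are
// simplified, hypothetical classes, not the Acegi or plugin classes.
public class TokenCastExample {
    interface Authentication { String getName(); }

    static final class AnonymousToken implements Authentication {
        public String getName() { return "anonymous"; }
    }

    static final class GithubToken implements Authentication {
        private final String login;
        GithubToken(String login) { this.login = login; }
        public String getName() { return login; }
        String lookupUser(String username) { return "github-user:" + username; }
    }

    // Failing pattern: assumes whoever triggers the lookup is logged in
    // through GitHub. An anonymous request raises ClassCastException.
    static String loadUserUnchecked(Authentication current, String username) {
        GithubToken token = (GithubToken) current;
        return token.lookupUser(username);
    }

    // Guarded pattern: check the runtime type first and report "no user"
    // for null or non-GitHub tokens instead of failing the request.
    static Optional<String> loadUserGuarded(Authentication current, String username) {
        if (!(current instanceof GithubToken)) {
            return Optional.empty();
        }
        return Optional.of(((GithubToken) current).lookupUser(username));
    }

    public static void main(String[] args) {
        Authentication anon = new AnonymousToken();       // e.g. request for a static image
        Authentication user = new GithubToken("octocat"); // constructed sample login

        try {
            loadUserUnchecked(anon, "octocat");
        } catch (ClassCastException e) {
            System.out.println("unchecked lookup failed: " + e.getClass().getSimpleName());
        }
        System.out.println("guarded, anonymous: " + loadUserGuarded(anon, "octocat"));
        System.out.println("guarded, GitHub:    " + loadUserGuarded(user, "octocat"));
    }
}
```

The guarded variant returns an empty result for the anonymous token rather than treating it as any user, so the image request can proceed without granting the caller anything.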