[JENKINS-35031] API calls fails when AD plugin is setup with an entered domain - Jenkins Jira

Details

Type: Bug
Status: Resolved (View Workflow)
Priority: Major
Resolution: Fixed
Component/s: active-directory-plugin
Labels:
None
Environment:
Windows 2008 R2 Server
Jenkins ver. 1.651.2 LTS
Active Directory plugin ver. 1.46

Similar Issues:

Show
URL:
https://github.com/jenkinsci/active-directory-plugin/pull/36

Description

Jenkins API calls fails with the folowing stacktrace when AD plugin is setup with an entered domain :

23-May-2016 16:53:21.882 WARNING [Handling GET /jenkins/job/admin/api/xml from 172.18.242.45 : tomcat-exec-9] hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser Credential exception trying to authenticate against santeclair.lan domain
 org.acegisecurity.BadCredentialsException: Failed to retrieve user information from the cache for brey
	at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:354)
	at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:199)
	at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:141)
	at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
	at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200)
	at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47)
	at jenkins.security.BasicHeaderRealPasswordAuthenticator.authenticate(BasicHeaderRealPasswordAuthenticator.java:55)
	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:79)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:614)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
	at org.apache.coyote.ajp.AjpAprProcessor.process(AjpAprProcessor.java:188)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
	at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2517)
	at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2506)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:745)

Is seems that if password equals NO_AUTHENTICATION, BadCredentialsException should not be thrown.

Attachments

Activity

Ascending order - Click to sort in descending order

SCM/JIRA link daemon added a comment - 2016-06-06 11:41

Code changed in jenkins
User: Felix Belzunce Arcos
Path:
src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java
http://jenkins-ci.org/commit/active-directory-plugin/c04fc160d7cbf4f616109190ac3df7dcc1a02970
Log:
~~JENKINS-35031~~ Not check password if it is NO_AUTHENTICATION (#36)

~~JENKINS-35031~~ Not check password if it is NO_AUTHENTICATION

SCM/JIRA link daemon added a comment - 2016-06-06 11:41 Code changed in jenkins User: Felix Belzunce Arcos Path: src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java http://jenkins-ci.org/commit/active-directory-plugin/c04fc160d7cbf4f616109190ac3df7dcc1a02970 Log: JENKINS-35031 Not check password if it is NO_AUTHENTICATION (#36) JENKINS-35031 Not check password if it is NO_AUTHENTICATION

Félix Belzunce Arcos added a comment - 2016-06-06 12:01

Released in 1.47

Félix Belzunce Arcos added a comment - 2016-06-06 12:01 Released in 1.47

Jenkins

API calls fails when AD plugin is setup with an entered domain

Details

Description

Attachments

Activity

People

Dates