Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43797

View does not work when Jenkins has authentication enabled

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Calls on views API does not work if Jenkins has authenication enabled.

      java.io.IOException: Failed to write pipelines
      	at org.kohsuke.stapler.export.Property.safeGetValue(Property.java:151)
      	at org.kohsuke.stapler.export.Property.writeTo(Property.java:126)
      	at org.kohsuke.stapler.export.Model.writeNestedObjectTo(Model.java:227)
      	at org.kohsuke.stapler.export.Model.writeTo(Model.java:198)
      	at org.kohsuke.stapler.ResponseImpl.writeOne(ResponseImpl.java:285)
      	at org.kohsuke.stapler.ResponseImpl.serveExposedBean(ResponseImpl.java:276)
      	at hudson.model.Api.doJson(Api.java:208)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:335)
      	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:175)
      	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:108)
      	at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:124)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
      	at org.kohsuke.stapler.MetaClass$3.doDispatch(MetaClass.java:197)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
      	at org.kohsuke.stapler.MetaClass$5.doDispatch(MetaClass.java:236)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
      	at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
      	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:135)
      	at org.jenkinsci.plugins.ssegateway.Endpoint$SSEListenChannelFilter.doFilter(Endpoint.java:225)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132)
      	at io.jenkins.blueocean.ResourceCacheControl.doFilter(ResourceCacheControl.java:134)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132)
      	at hudson.plugins.greenballs.GreenBallFilter.doFilter(GreenBallFilter.java:59)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132)
      	at jenkins.metrics.impl.MetricsFilter.doFilter(MetricsFilter.java:125)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132)
      	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:126)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
      	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:49)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
      	at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
      	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
      	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
      	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
      	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:553)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
      	at org.eclipse.jetty.server.Server.handle(Server.java:499)
      	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
      	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
      	at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
      	at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at java.lang.Thread.run(Thread.java:745)
      Caused by: java.lang.reflect.InvocationTargetException
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.kohsuke.stapler.export.MethodProperty.getValue(MethodProperty.java:66)
      	at org.kohsuke.stapler.export.Property.safeGetValue(Property.java:145)
      	... 86 more
      Caused by: java.lang.IllegalStateException: com.google.api.client.http.HttpResponseException: 403 Forbidden
      <html><head><meta http-equiv='refresh' content='1;url=/login?from=%2Fjob%2Fdoagdp-dead-or-alive-server-master%2Fwfapi%2Fruns'/><script>window.location.replace('/login?from=%2Fjob%2Fdoagdp-dead-or-alive-server-master%2Fwfapi%2Fruns');</script></head><body style='background-color:white; color:white;'>
      
      
      Authentication required
      <!--
      You are authenticated as: anonymous
      Groups that you are in:
        
      Permission you need to have (but didn't): hudson.model.Hudson.Read
       ... which is implied by: hudson.security.Permission.GenericRead
       ... which is implied by: hudson.model.Hudson.Administer
      -->
      
      </body></html>                                                                                                                                                                                                                                                                                                            
      	at se.diabol.jenkins.workflow.WorkflowApi.getRunsFor(WorkflowApi.java:61)
      	at se.diabol.jenkins.workflow.model.Task.resolveTaskStatus(Task.java:133)
      	at se.diabol.jenkins.workflow.model.Task.resolve(Task.java:113)
      	at se.diabol.jenkins.workflow.model.Stage.resolveStageNodes(Stage.java:140)
      	at se.diabol.jenkins.workflow.model.Stage.extractStages(Stage.java:124)
      	at se.diabol.jenkins.workflow.model.Pipeline.resolve(Pipeline.java:117)
      	at se.diabol.jenkins.workflow.WorkflowPipelineView.resolvePipeline(WorkflowPipelineView.java:187)
      	at se.diabol.jenkins.workflow.WorkflowPipelineView.resolvePipelines(WorkflowPipelineView.java:180)
      	at se.diabol.jenkins.workflow.WorkflowPipelineView.getPipelines(WorkflowPipelineView.java:164)
      	... 92 more
      Caused by: com.google.api.client.http.HttpResponseException: 403 Forbidden
      <html><head><meta http-equiv='refresh' content='1;url=/login?from=%2Fjob%2Fdoagdp-dead-or-alive-server-master%2Fwfapi%2Fruns'/><script>window.location.replace('/login?from=%2Fjob%2Fdoagdp-dead-or-alive-server-master%2Fwfapi%2Fruns');</script></head><body style='background-color:white; color:white;'>
      
      
      Authentication required
      <!--
      You are authenticated as: anonymous
      Groups that you are in:
        
      Permission you need to have (but didn't): hudson.model.Hudson.Read
       ... which is implied by: hudson.security.Permission.GenericRead
       ... which is implied by: hudson.model.Hudson.Administer
      -->
      
      </body></html>                                                                                                                                                                                                                                                                                                            
      	at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:1061)
      	at se.diabol.jenkins.workflow.WorkflowApi.execute(WorkflowApi.java:79)
      	at se.diabol.jenkins.workflow.WorkflowApi.getRunsFor(WorkflowApi.java:57)
      	... 100 more

        Attachments

          Issue Links

            Activity

            Hide
            tommysdk Tommy Tynjä added a comment -

            Reproducing test case (added in WorkflowPipelineViewTest):

            @Test
            @Issue("JENKINS-43797")
            public void authentication() throws Exception {
                 WorkflowJob pipeline = jenkins.getInstance().createProject(WorkflowJob.class, "Test");
            
                 pipeline.setDefinition(new CpsFlowDefinition("node { stage 'Stage 1' echo 'Hello World 1' stage 'Stage 2' echo 'Hello World 2' }", true));
            
                 pipeline.scheduleBuild(0, new BuildCommand.CLICause());
                 jenkins.waitUntilNoActivity();
            
                 WorkflowPipelineView view = new WorkflowPipelineView("Pipeline");
                 view.setProject("Test");
            
                 jenkins.getInstance().addView(view);
            
                 jenkins.getInstance().setSecurityRealm(jenkins.createDummySecurityRealm());
                 GlobalMatrixAuthorizationStrategy gmas = new GlobalMatrixAuthorizationStrategy();
                 gmas.add(Permission.READ, "devel");
            
                 jenkins.getInstance().setAuthorizationStrategy(gmas);
            
                 JenkinsRule.WebClient client = jenkins.createWebClient();
            
                 client.login("devel", "devel");
            
                 Page pageView = client.getPage(new URL(jenkins.getURL(), "/jenkins/view/Pipeline"));
                 assertThat(pageView.getWebResponse().getStatusCode(), is(200));
            
                Page pageApi = client.getPage(new URL(jenkins.getURL(), "/jenkins/view/Pipeline/api/json"));
                assertThat(pageApi.getWebResponse().getStatusCode(), is(200));
            }
            Show
            tommysdk Tommy Tynjä added a comment - Reproducing test case (added in WorkflowPipelineViewTest): @Test @Issue( "JENKINS-43797" ) public void authentication() throws Exception {   WorkflowJob pipeline = jenkins.getInstance().createProject(WorkflowJob.class, "Test" );   pipeline.setDefinition( new CpsFlowDefinition( "node { stage 'Stage 1' echo 'Hello World 1' stage 'Stage 2' echo 'Hello World 2' }" , true ));   pipeline.scheduleBuild(0, new BuildCommand.CLICause());   jenkins.waitUntilNoActivity();   WorkflowPipelineView view = new WorkflowPipelineView( "Pipeline" );   view.setProject( "Test" );   jenkins.getInstance().addView(view);   jenkins.getInstance().setSecurityRealm(jenkins.createDummySecurityRealm());   GlobalMatrixAuthorizationStrategy gmas = new GlobalMatrixAuthorizationStrategy();   gmas.add(Permission.READ, "devel" );   jenkins.getInstance().setAuthorizationStrategy(gmas);   JenkinsRule.WebClient client = jenkins.createWebClient();   client.login( "devel" , "devel" );   Page pageView = client.getPage( new URL(jenkins.getURL(), "/jenkins/view/Pipeline" ));   assertThat(pageView.getWebResponse().getStatusCode(), is(200));   Page pageApi = client.getPage( new URL(jenkins.getURL(), "/jenkins/view/Pipeline/api/json" )); assertThat(pageApi.getWebResponse().getStatusCode(), is(200)); }
            Hide
            tommysdk Tommy Tynjä added a comment -
            Show
            tommysdk Tommy Tynjä added a comment - Pull request with proposed solution: https://github.com/Diabol/delivery-pipeline-plugin/pull/256
            Hide
            tommysdk Tommy Tynjä added a comment -

            Proposed solution merged to master.

            Show
            tommysdk Tommy Tynjä added a comment - Proposed solution merged to master.
            Hide
            tommysdk Tommy Tynjä added a comment -

            Released in Delivery Pipeline plugin 1.0.3.

            Show
            tommysdk Tommy Tynjä added a comment - Released in Delivery Pipeline plugin 1.0.3.

              People

              Assignee:
              tommysdk Tommy Tynjä
              Reporter:
              patbos Patrik Boström
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: