[JENKINS-46873] Job Config History Plug-in updates the username as anonymous

Type: Bug
Resolution: Unresolved
Priority: Minor
Component/s: jobconfighistory-plugin
Labels:
None

Similar Issues:
Powered by SuggestiMate

Show

Hello,

This is with regard to Job Config History Plug-in.

Of late I'm seeing job config history plug-in updating configuration change records of Jenkins jobs as anonymous user although I'm making config changes using my account/user name through GUI.

Environment Information:

Job Configuration History Plugin (jobConfigHistory): 2.17

Jenkins core version - 2.46.2
JavaVersion-1.8.0_121
OS-Windows
I've noticed the type of Job having issues is Freestyle. I did not check other job type though, I assume it may be the same with other type.
For ACL management, I'm using role base based strategy. Under global permissions / roles I see anonymous having only read access, but not sure how could anonymous being able to edit job configuration.

I suspect if this can be considered as a bug or something. Can you please let me know if this a known issue already ?

Please suggest if there is any fix / workaround for this issue. It would be grateful.

Many thanks in advance.

Thanks,

Ashok Kumar Srinivas

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

image-2017-09-14-13-16-26-502.png
58 kB
2017-09-14 12:16

duplicates

JENKINS-36605 History plugin

Open

Ashok Kumar Srinivas created issue - 2017-09-14 10:18

Jochen A. Fürbacher made changes - 2017-09-14 10:56

Link

New: This issue duplicates JENKINS-36605 [ JENKINS-36605 ]

Jochen A. Fürbacher added a comment - 2017-09-14 11:02

Hello,

this issue is already reported in JENKINS-36605. However we could not reproduce this issue yet.

If the current user can't get determined, we set the user who changed the config to anonymous. So the question is, why can't the current user get determined?

Jochen Fuerbacher

Jochen A. Fürbacher added a comment - 2017-09-14 11:02 Hello, this issue is already reported in JENKINS-36605 . However we could not reproduce this issue yet. If the current user can't get determined, we set the user who changed the config to anonymous. So the question is, why can't the current user get determined? Jochen Fuerbacher

Jochen A. Fürbacher added a comment - 2017-09-14 11:16

Could you provide more information about your authentication setup? What security realm do you use? E.g. Jenkins internal database, a plugin (LDAP, CAS, Active Directory, ...)?

Jochen A. Fürbacher added a comment - 2017-09-14 11:16 Could you provide more information about your authentication setup? What security realm do you use? E.g. Jenkins internal database, a plugin (LDAP, CAS, Active Directory, ...)?

Ashok Kumar Srinivas made changes - 2017-09-14 12:16

Attachment

New: image-2017-09-14-13-16-26-502.png [ 39705 ]

Ashok Kumar Srinivas added a comment - 2017-09-14 12:19

Hello jochenafuerbacher

Thank you for letting me know about the issue that is reported already.

Requested Info:

Security realm ; Active Directory - Active Directory plugin (active-directory): 2.0

Authorization ; Role-Based Strategy - Role-based Authorization Strategy (role-strategy): 2.3.2

Please see the attached screen shot, the brushed ones are the actual user names recorded by the plug-in of the users who saved their configuration changes.

Thanks,

Ashok Kumar Srinivas

Ashok Kumar Srinivas added a comment - 2017-09-14 12:19 Hello jochenafuerbacher Thank you for letting me know about the issue that is reported already. Requested Info: Security realm ; Active Directory - Active Directory plugin (active-directory): 2.0 Authorization ; Role-Based Strategy - Role-based Authorization Strategy (role-strategy): 2.3.2 Please see the attached screen shot, the brushed ones are the actual user names recorded by the plug-in of the users who saved their configuration changes. Thanks, Ashok Kumar Srinivas

Stefan Brausch added a comment - 2017-09-14 12:30 - edited

Please could you activate logging for the package hudson.plugins.active_directory in jenkins and could you put the output here after you have the problem with the wrong user?

The log level should be warning or higher.

More about logging in jenkins can you find here: https://wiki.jenkins.io/display/JENKINS/Logging

Stefan Brausch added a comment - 2017-09-14 12:30 - edited Please could you activate logging for the package hudson.plugins.active_directory in jenkins and could you put the output here after you have the problem with the wrong user? The log level should be warning or higher. More about logging in jenkins can you find here: https://wiki.jenkins.io/display/JENKINS/Logging

Ashok Kumar Srinivas added a comment - 2017-09-14 13:21

I see it is already activated on my windows Jenkins instance. This message seem like repeated in the log, I see the rest of it all like bind message, ID search etc.

Please let me know if I need to take any sort of actions on the below message.

Sep 14, 2017 2:17:48 PM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm
Failed to start TLS. Authentication will be done via plain-text LDAP java.net.SocketException: Software caused connection abort: recv failed at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) at java.net.SocketInputStream.read(SocketInputStream.java:189) at java.net.SocketInputStream.read(SocketInputStream.java:141) at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) at sun.security.ssl.InputRecord.read(InputRecord.java:503) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:426) at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:399) at com.sun.jndi.ldap.LdapClient.extendedOp(LdapClient.java:1203) at com.sun.jndi.ldap.LdapCtx.extendedOperation(LdapCtx.java:3256) Caused: javax.naming.CommunicationException: Software caused connection abort: recv failed [Root exception is java.net.SocketException: Software caused connection abort: recv failed] at com.sun.jndi.ldap.LdapCtx.extendedOperation(LdapCtx.java:3308) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:645) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:578) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1.call(ActiveDirectoryUnixAuthenticationProvider.java:282) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1.call(ActiveDirectoryUnixAuthenticationProvider.java:265) at com.google.common.cache.LocalCache$LocalManualCache$1.load(LocalCache.java:4767) at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3568) at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2350) at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2313) at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2228) at com.google.common.cache.LocalCache.get(LocalCache.java:3965) at com.google.common.cache.LocalCache$LocalManualCache.get(LocalCache.java:4764) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:265) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:230) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:172) at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122) at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200) at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47) at jenkins.security.BasicHeaderRealPasswordAuthenticator.authenticate(BasicHeaderRealPasswordAuthenticator.java:56) at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:79) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:553) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) at org.eclipse.jetty.server.Server.handle(Server.java:499) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745)
Sep 14, 2017 2:17:48 PM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm

Ashok Kumar Srinivas added a comment - 2017-09-14 13:21 I see it is already activated on my windows Jenkins instance. This message seem like repeated in the log, I see the rest of it all like bind message, ID search etc. Please let me know if I need to take any sort of actions on the below message. Sep 14, 2017 2:17:48 PM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm Failed to start TLS. Authentication will be done via plain-text LDAP java.net.SocketException: Software caused connection abort: recv failed at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.socketRead(SocketInputStream.java:116) at java.net.SocketInputStream.read(SocketInputStream.java:189) at java.net.SocketInputStream.read(SocketInputStream.java:141) at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) at sun.security.ssl.InputRecord.read(InputRecord.java:503) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:426) at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:399) at com.sun.jndi.ldap.LdapClient.extendedOp(LdapClient.java:1203) at com.sun.jndi.ldap.LdapCtx.extendedOperation(LdapCtx.java:3256) Caused: javax.naming.CommunicationException: Software caused connection abort: recv failed [Root exception is java.net.SocketException: Software caused connection abort: recv failed] at com.sun.jndi.ldap.LdapCtx.extendedOperation(LdapCtx.java:3308) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:645) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:578) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1.call(ActiveDirectoryUnixAuthenticationProvider.java:282) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1.call(ActiveDirectoryUnixAuthenticationProvider.java:265) at com.google.common.cache.LocalCache$LocalManualCache$1.load(LocalCache.java:4767) at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3568) at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2350) at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2313) at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2228) at com.google.common.cache.LocalCache.get(LocalCache.java:3965) at com.google.common.cache.LocalCache$LocalManualCache.get(LocalCache.java:4764) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:265) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:230) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:172) at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122) at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200) at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47) at jenkins.security.BasicHeaderRealPasswordAuthenticator.authenticate(BasicHeaderRealPasswordAuthenticator.java:56) at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:79) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:553) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) at org.eclipse.jetty.server.Server.handle(Server.java:499) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Sep 14, 2017 2:17:48 PM FINE hudson.plugins.active_directory.ActiveDirectorySecurityRealm

Jochen A. Fürbacher added a comment - 2017-09-14 13:51

Do you find any exception from the ActiveDirectoryUserDetail.java class?

Jochen A. Fürbacher added a comment - 2017-09-14 13:51 Do you find any exception from the ActiveDirectoryUserDetail.java class?

Ashok Kumar Srinivas added a comment - 2017-09-14 14:14

No, I did not find any exception by the file name ActiveDirectoryUserDetail.java class in the log.

Thanks,

Ashok Kumar Srinivas

Ashok Kumar Srinivas added a comment - 2017-09-14 14:14 No, I did not find any exception by the file name ActiveDirectoryUserDetail.java class in the log. Thanks, Ashok Kumar Srinivas

Assignee:: Stefan Brausch

Reporter:: Ashok Kumar Srinivas

Votes:: 1 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2017-09-14 10:18

Updated:: 2018-09-03 15:02

Jenkins

Details

Description

Attachments

Attachments

Issue Links

Activity

Collapse comment: Jochen A. Fürbacher added a comment - 2017-09-14 11:02

Expand comment: Jochen A. Fürbacher added a comment - 2017-09-14 11:02

Collapse comment: Jochen A. Fürbacher added a comment - 2017-09-14 11:16

Expand comment: Jochen A. Fürbacher added a comment - 2017-09-14 11:16

Collapse comment: Ashok Kumar Srinivas added a comment - 2017-09-14 12:19

Expand comment: Ashok Kumar Srinivas added a comment - 2017-09-14 12:19

Collapse comment: Stefan Brausch added a comment - 2017-09-14 12:30, Edited by Stefan Brausch - 2017-09-14 12:33

Expand comment: Stefan Brausch added a comment - 2017-09-14 12:30, Edited by Stefan Brausch - 2017-09-14 12:33

Collapse comment: Ashok Kumar Srinivas added a comment - 2017-09-14 13:21

Expand comment: Ashok Kumar Srinivas added a comment - 2017-09-14 13:21

Collapse comment: Jochen A. Fürbacher added a comment - 2017-09-14 13:51

Expand comment: Jochen A. Fürbacher added a comment - 2017-09-14 13:51

Collapse comment: Ashok Kumar Srinivas added a comment - 2017-09-14 14:14

Expand comment: Ashok Kumar Srinivas added a comment - 2017-09-14 14:14

People

Dates