Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-47426

ClientAuthenticationCache#getPropertyKey not consistent when rootUrl is not set


    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • cli
    • None

      Given an instance of Jenkins where the rootUrl is not configured (dev instance, etc.), the ClientAuthenticationCache is not working as expected.

      Normally it's responsible to store the authentications between login and logout command from the CLI. To avoid conflict between multiple instances of Jenkins, there is a propertyKey that is computed using the rootUrl. In the case there is no rootUrl, the propertyKey is computed using the following fallback : `Secret.fromString("key").getEncryptedValue()`.

      The problem is that the IV of that new Secret is not set and so the getEncryptedValue will return a new value for each call to getPropertyKey(). So when we want to store the authentication we compute a propertyKey and then when we try to retrieve the information we compute new propertyKey at each time. Due to that behavior, the login CLI command does not work as expected when the rootUrl is not set.

      Having the "rootUrl not set" will generate a warning when the AdminMonitor from JENKINS-31661 will be implemented.

            wfollonier Wadeck Follonier
            wfollonier Wadeck Follonier
            0 Vote for this issue
            2 Start watching this issue