Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-49543

Refusing to marshal org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl on Old Apache TomCat 8.x versions

XMLWordPrintable

      Workaround: Update to Apache Tomcat 8.0.50 or above

      When saving on the configuration page for a user (http://cool.jenkins.url/user/user.name/configure) I get the following stack trace.

      Adding "-Dhudson.remoting.ClassFilter=org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl" fixes the issue.

      This seems to also be causing issues for workflow-cps-global-lib-plugin's local git repository.

      Stack Trace:

      java.lang.UnsupportedOperationException: Refusing to marshal org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl for security reasons; see https://jenkins.io/redirect/class-filter/
	at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:543)
	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
	at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
	at com.thoughtworks.xstream.converters.collections.CollectionConverter.marshal(CollectionConverter.java:74)
	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
	at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
	at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
Caused: java.lang.RuntimeException: Failed to serialize hudson.model.User#properties for class hudson.model.User
	at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
	at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
	at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
	at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
	at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
	at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:82)
	at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
	at com.thoughtworks.xstream.XStream.marshal(XStream.java:1026)
	at com.thoughtworks.xstream.XStream.marshal(XStream.java:1015)
	at com.thoughtworks.xstream.XStream.toXML(XStream.java:988)
	at hudson.XmlFile.write(XmlFile.java:193)
Caused: java.io.IOException
	at hudson.XmlFile.write(XmlFile.java:200)
	at hudson.model.User.save(User.java:827)
	at hudson.model.User.doConfigSubmit(User.java:901)
	at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)
	at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)
	at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:77)
	at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)
	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)
	at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)
	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
	at org.kohsuke.stapler.MetaClass$5.doDispatch(MetaClass.java:248)
	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
	at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:725)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
	at org.jenkinsci.plugins.ssegateway.Endpoint$SSEListenChannelFilter.doFilter(Endpoint.java:225)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
	at io.jenkins.blueocean.auth.jwt.impl.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:61)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
	at io.jenkins.blueocean.ResourceCacheControl.doFilter(ResourceCacheControl.java:134)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
	at com.smartcodeltd.jenkinsci.plugin.assetbundler.filters.LessCSS.doFilter(LessCSS.java:47)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
	at jenkins.metrics.impl.MetricsFilter.doFilter(MetricsFilter.java:125)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:237)
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:214)
	at net.bull.javamelody.PluginMonitoringFilter.doFilter(PluginMonitoringFilter.java:88)
	at org.jvnet.hudson.plugins.monitoring.HudsonMonitoringFilter.doFilter(HudsonMonitoringFilter.java:114)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
	at hudson.plugins.greenballs.GreenBallFilter.doFilter(GreenBallFilter.java:59)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:64)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:616)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:534)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1081)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:658)
	at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:222)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1566)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1523)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:745)

      Plugins

      ace-editor 1.1
active-directory 2.6
analysis-core 1.94
ansicolor 0.5.2
ant 1.8
antisamy-markup-formatter 1.5
apache-httpcomponents-client-4-api 4.5.3-2.1
artifactory 2.14.0
authentication-tokens 1.3
aws-credentials 1.23
aws-java-sdk 1.11.264
blueocean 1.4.1
blueocean-autofavorite 1.2.1
blueocean-bitbucket-pipeline 1.4.1
blueocean-commons 1.4.1
blueocean-config 1.4.1
blueocean-core-js 1.4.1
blueocean-dashboard 1.4.1
blueocean-display-url 2.2.0
blueocean-events 1.4.1
blueocean-git-pipeline 1.4.1
blueocean-github-pipeline 1.4.1
blueocean-i18n 1.4.1
blueocean-jira 1.4.1
blueocean-jwt 1.4.1
blueocean-personalization 1.4.1
blueocean-pipeline-api-impl 1.4.1
blueocean-pipeline-editor 1.4.1
blueocean-pipeline-scm-api 1.4.1
blueocean-rest 1.4.1
blueocean-rest-impl 1.4.1
blueocean-web 1.4.1
bouncycastle-api 2.16.2
branch-api 2.0.18
build-blocker-plugin 1.7.3
build-failure-analyzer 1.19.2
build-history-metrics-plugin 1.2
build-monitor-plugin 1.12+build.201708172343
build-token-root 1.4
build-user-vars-plugin 1.5
cloud-stats 0.16
cloudbees-bitbucket-branch-source 2.2.9
cloudbees-disk-usage-simple 0.9
cloudbees-folder 6.3
command-launcher 1.2
conditional-buildstep 1.3.6
config-autorefresh-plugin 1.0
config-file-provider 2.17
configurationslicing 1.47
credentials 2.1.16
credentials-binding 1.15
custom-tools-plugin 0.5
cvs 2.13
display-url-api 2.2.0
docker-commons 1.11
docker-slaves 1.0.7
docker-workflow 1.15
dropdown-viewstabbar-plugin 1.7
durable-task 1.17
dynamicparameter 0.2.0
email-ext 2.61
extended-choice-parameter 0.76
external-monitor-job 1.7
extra-columns 1.18
favorite 2.3.1
flexible-publish 0.15.2
fortify-on-demand-uploader 3.0.6
ghprb 1.40.0
git 3.7.0
git-client 2.7.1
git-server 1.7
github 1.29.0
github-api 1.90
github-branch-source 2.3.2
github-organization-folder 1.6
google-oauth-plugin 0.5
gradle 1.28
greenballs 1.15
groovy 2.0
handlebars 1.1.1
handy-uri-templates-2-api 2.1.6-1.0
hipchat 2.1.1
htmlpublisher 1.14
icon-shim 2.0.3
ivy 1.28
jackson2-api 2.8.11.1
jacoco 2.2.1
javadoc 1.4
jenkins-design-language 1.4.1
jenkins-jira-plugin 3.1.0
jenkinslint 0.14.0
jira 2.5
jira-steps 1.3.1
jquery 1.12.4-0
jquery-detached 1.2.1
jquery-ui 1.0.2
jsch 0.1.54.1
junit 1.24
kpp-management-plugin 1.0.0
kubernetes 1.2
kubernetes-credentials 0.3.0
kubernetes-pipeline-aggregator 1.5
kubernetes-pipeline-arquillian-steps 1.5
kubernetes-pipeline-devops-steps 1.5
kubernetes-pipeline-steps 1.5
last-changes 2.6
ldap 1.19
ldapemail 0.8 false
lockable-resources 2.1
logstash 1.4.0
mailer 1.20
mapdb-api 1.0.9.0
matrix-auth 2.2
matrix-project 1.12
maven-plugin 3.1
mercurial 2.2
metrics 3.1.2.10
momentjs 1.1.1
monitoring 1.71.0
multiple-scms 0.6
newrelic-deployment-notifier 1.3
next-build-number 1.5
nodejs 1.2.4
oauth-credentials 0.3
pam-auth 1.3
parameter-pool 1.0.3
parameter-separator 1.0
parameterized-trigger 2.35.2
persistent-parameter 1.1
pipeline-build-step 2.7
pipeline-github-lib 1.0
pipeline-graph-analysis 1.6
pipeline-input-step 2.8
pipeline-maven 3.3.0
pipeline-milestone-step 1.3.1
pipeline-model-api 1.2.7
pipeline-model-declarative-agent 1.1.1
pipeline-model-definition 1.2.7
pipeline-model-extensions 1.2.7
pipeline-rest-api 2.9
pipeline-stage-step 2.3
pipeline-stage-tags-metadata 1.2.7
pipeline-stage-view 2.9
pipeline-utility-steps 1.5.1
plain-credentials 1.4
play-autotest-plugin 1.0.2
port-allocator 1.8
publish-over 0.21
publish-over-ssh 1.18
pubsub-light 1.12
quality-gates 2.5
resource-disposer 0.8
restification 1.1.1
ruby 1.2
ruby-runtime 0.13
run-condition 1.0
rvm 0.6
saferestart 0.3
sauce-ondemand 1.171
scm-api 2.2.6
script-security 1.41
scriptler 2.9
sidebar-link 1.9.1
sonar 2.6.1
sse-gateway 1.15
ssh-agent 1.15
ssh-credentials 1.13
ssh-slaves 1.25.1
structs 1.13
subversion 2.10.2
test-stability 2.3
thinBackup 1.9
timestamper 1.8.9
token-macro 2.3
variant 1.1
versioncolumn 2.0
warnings 4.65
windows-slaves 1.3.1
workflow-aggregator 2.5
workflow-api 2.25
workflow-basic-steps 2.6
workflow-cps 2.44
workflow-cps-global-lib 2.9
workflow-durable-task-step 2.18
workflow-job 2.17
workflow-multibranch 2.17
workflow-scm-step 2.6
workflow-step-api 2.14
workflow-support 2.18
ws-cleanup 0.34
yet-another-docker-plugin 0.1.0-rc47

            jglick Jesse Glick
            notanother Tim McNally
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: