Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-52740

RejectedAccessException for java.net.URL openConnection without posibility to approve

    • Icon: Bug Bug
    • Resolution: Not A Defect
    • Icon: Critical Critical
    • script-security-plugin
    • None
    • Jenkins 2.89.2
      Script Security 1.3.9

      We configured the pipeline to be executed after checking it out from scm, in this case we don't see a posibility to approve the whole script. 

      Exception:

      Job failed with: org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use method java.net.URL openConnection

      In the list of methods to approve, this method is not shown. (see screenshot) I read some other issues showing the same behaviour, but I did not find a workaround. Any thoughts on why this can occur?

          [JENKINS-52740] RejectedAccessException for java.net.URL openConnection without posibility to approve

          Carsten Hilber added a comment - - edited

          Closing this issue because I found the problem.
          The script sercure plugin identifies the rejected methods by analyzing the thrown exceptions out of any executed code. 

          I made the mistake to use a try catch around my pipeline, preventing the plugin to see the exception occurance. Now I simply throw the exception if it is of type RejectedAccessException.

          Carsten Hilber added a comment - - edited Closing this issue because I found the problem. The script sercure plugin identifies the rejected methods by analyzing the thrown exceptions out of any executed code.  I made the mistake to use a try catch around my pipeline, preventing the plugin to see the exception occurance. Now I simply throw the exception if it is of type RejectedAccessException.

            abayer Andrew Bayer
            carsten_hilber Carsten Hilber
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: