Bug
Resolution: Duplicate
Minor
None
Jenkins 2.249.1 installed via rpm
OS Linux amd64
Java OpenJDK 1.8.0_265
plugins:
ldap 1.11
role-strategy 3.1
We are having a strange intermittent issue. I am not entirely sure how to reproduce it but I believe it is being caused because some info is attempting to be displayed which the user does not have access to. We are using the LDAP plugin to manage user logins and the role-strategy plugin to partition users to only access specific folders for their jobs. I believe this is important as the error message indicates that the user was attempting to access data from a role that they do not have access to. In the example log excerpt below the message indicates that a user was attempting to access LMAPP, but they do not have that role.
We have had multiple reports of users experiencing this issue but it only seems to affect users with a limited set of permissions. Users who have full read-only or admin access don't seem to get this error as far as I can tell. It is also interesting to note that while this shows as a WARNING message in the logs, it displays as an error in the browser.
This issue started when we upgraded to 2.249.1 last week but it may have been introduced earlier as we were several releases behind. I am not entirely sure if my interpretation of the error is correct, but that seems to be what is happening. Any help would be appreciated.
Excerpt from the logs:
2020-10-14 14:29:20.120+0000 [id=300866] WARNING h.i.i.InstallUncaughtExceptionHandler#handleException: Caught unhandled exception with ID c26b9f45-1990-47a4-ba5b-2e99860dc036
org.apache.commons.jelly.JellyTagException: jar:file:/var/cache/jenkins/war/WEB-INF/lib/jenkins-core-2.249.1.jar!/hudson/model/View/sidepanel.jelly:75:50: <st:include> org.apache.commons.jelly.JellyTagException: jar:file:/var/cache/jenkins/war/WEB-INF/lib/jenkins-core-2.249.1.jar!/lib/hudson/executors.jelly:75:28: <j:otherwise> Please login to access job LMAPP
at org.apache.commons.jelly.impl.TagScript.handleException(TagScript.java:726)
at org.apache.commons.jelly.impl.TagScript.run(TagScript.java:281)
at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
at org.apache.commons.jelly.TagSupport.invokeBody(TagSupport.java:161)
at org.apache.commons.jelly.tags.core.ForEachTag.doTag(ForEachTag.java:150)
at org.apache.commons.jelly.impl.TagScript.run(TagScript.java:269)
at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
at org.kohsuke.stapler.jelly.CallTagLibScript$1.run(CallTagLibScript.java:99)
at org.apache.commons.jelly.tags.define.InvokeBodyTag.doTag(InvokeBodyTag.java:91)
at org.apache.commons.jelly.impl.TagScript.run(TagScript.java:269)
at org.apache.commons.jelly.tags.core.CoreTagLibrary$1.run(CoreTagLibrary.java:98)
at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
at org.apache.commons.jelly.tags.core.CoreTagLibrary$2.run(CoreTagLibrary.java:105)
at org.kohsuke.stapler.jelly.CallTagLibScript.run(CallTagLibScript.java:120)
at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
at org.apache.commons.jelly.tags.core.CoreTagLibrary$2.run(CoreTagLibrary.java:105)
at org.kohsuke.stapler.jelly.JellyViewScript.run(JellyViewScript.java:95)
at org.kohsuke.stapler.jelly.IncludeTag.doTag(IncludeTag.java:147)
at org.apache.commons.jelly.impl.TagScript.run(TagScript.java:269)
at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
at org.kohsuke.stapler.jelly.CallTagLibScript$1.run(CallTagLibScript.java:99)
at org.apache.commons.jelly.tags.define.InvokeBodyTag.doTag(InvokeBodyTag.java:91)
at org.apache.commons.jelly.impl.TagScript.run(TagScript.java:269)
at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
at org.kohsuke.stapler.jelly.ReallyStaticTagLibrary$1.run(ReallyStaticTagLibrary.java:100)
duplicates: JENKINS-63868 PlaceholderTask.getOwnerTask vulnerable to AccessDeniedException (Resolved)
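A log-triage sketch for the symptom in this report, added here as an example and not part of the original issue or of Jenkins itself: it pairs each unhandled-exception ID with the job named in the "Please login to access job" message, so the affected jobs can be compared with the roles held by the users who hit the error. The names `triage` and `SAMPLE` and the second and third sample records are constructed for illustration.

```python
import re
from collections import defaultdict

# Start of any Jenkins log record: timestamp plus thread id.
RECORD = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}[+-]\d{4}) \[id=\d+\]")
# Message logged by InstallUncaughtExceptionHandler, carrying the exception ID.
UNCAUGHT = re.compile(r"Caught unhandled exception with ID ([0-9a-f-]{36})")
DENIED = re.compile(r"Please login to access job (\S+)")
JELLY = re.compile(r"!/([\w/]+\.jelly):\d+:\d+")

# First record is copied from the report above (stack frames trimmed);
# the second and third records are constructed sample data.
SAMPLE = """\
2020-10-14 14:29:20.120+0000 [id=300866] WARNING h.i.i.InstallUncaughtExceptionHandler#handleException: Caught unhandled exception with ID c26b9f45-1990-47a4-ba5b-2e99860dc036
org.apache.commons.jelly.JellyTagException: jar:file:/var/cache/jenkins/war/WEB-INF/lib/jenkins-core-2.249.1.jar!/hudson/model/View/sidepanel.jelly:75:50: <st:include> org.apache.commons.jelly.JellyTagException: jar:file:/var/cache/jenkins/war/WEB-INF/lib/jenkins-core-2.249.1.jar!/lib/hudson/executors.jelly:75:28: <j:otherwise> Please login to access job LMAPP
at org.apache.commons.jelly.impl.TagScript.handleException(TagScript.java:726)
2020-10-14 14:31:02.455+0000 [id=300901] WARNING h.i.i.InstallUncaughtExceptionHandler#handleException: Caught unhandled exception with ID 00000000-0000-0000-0000-000000000001
org.apache.commons.jelly.JellyTagException: jar:file:/var/cache/jenkins/war/WEB-INF/lib/jenkins-core-2.249.1.jar!/lib/hudson/executors.jelly:75:28: <j:otherwise> Please login to access job EXAMPLE-JOB
2020-10-14 14:32:10.000+0000 [id=300950] WARNING h.i.i.InstallUncaughtExceptionHandler#handleException: Caught unhandled exception with ID 00000000-0000-0000-0000-000000000002
java.lang.IllegalStateException: constructed unrelated failure
"""

def triage(lines):
    """Map job name -> [(timestamp, exception ID, jelly views)] for denied-access render errors."""
    hits = defaultdict(list)
    pending = None  # (timestamp, exception ID) of the record currently being read
    for line in lines:
        rec = RECORD.match(line)
        if rec:
            # A new record starts; track it only if it is an unhandled exception.
            unc = UNCAUGHT.search(line)
            pending = (rec.group(1), unc.group(1)) if unc else None
        elif pending:
            # Continuation line (message, frame or "Caused by") of that exception.
            denied = DENIED.search(line)
            if denied:
                hits[denied.group(1)].append((*pending, JELLY.findall(line)))
                pending = None  # count each exception once
    return dict(hits)

if __name__ == "__main__":
    for job, events in triage(SAMPLE.splitlines()).items():
        print(job, len(events), events)
```
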