Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-64573

Cannot login in after 2.264

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      I cannot login anymore after updating jenkins to any version after 2.264 (Last attempt was with 2.274).

      I use the role-strategy-plugin for security and i use the built in user directory.

      I don't have any errors/warnings in my logs, jenkins just refuses to accept any login after the update.

       

      List of my plugins:

      JavaScript GUI Lib: ACE Editor bundle plugin (ace-editor): 1.1
      Ant Plugin (ant): 1.11
      OWASP Markup Formatter Plugin (antisamy-markup-formatter): 2.1
      Apache HttpComponents Client 4.x API Plugin (apache-httpcomponents-client-4-api): 4.5.13-1.0
      Bootstrap 4 API Plugin (bootstrap4-api): 4.5.3-1
      bouncycastle API Plugin (bouncycastle-api): 2.18
      Build Blocker Plugin (build-blocker-plugin): 1.7.3
      Checks API plugin (checks-api): 1.2.0
      Folders Plugin (cloudbees-folder): 6.15
      Command Agent Launcher Plugin (command-launcher): 1.5
      Conditional BuildStep (conditional-buildstep): 1.4.1
      Credentials Plugin (credentials): 2.3.14
      Display URL API (display-url-api): 2.3.4
      Durable Task Plugin (durable-task): 1.35
      ECharts API Plugin (echarts-api): 4.9.0-2
      Email Extension Plugin (email-ext): 2.80
      Extended Read Permission Plugin (extended-read-permission): 3.2
      External Monitor Job Type Plugin (external-monitor-job): 1.7
      Font Awesome API Plugin (font-awesome-api): 5.15.1-1
      Icon Shim Plugin (icon-shim): 2.0.3
      Jackson 2 API Plugin (jackson2-api): 2.12.0
      Javadoc Plugin (javadoc): 1.6
      Oracle Java SE Development Kit Installer Plugin (jdk-tool): 1.4
      JavaScript GUI Lib: jQuery bundles (jQuery and jQuery UI) plugin (jquery-detached): 1.2.1
      jQuery plugin (jquery): 1.12.4-1
      JQuery3 API Plugin (jquery3-api): 3.5.1-2
      JSch dependency plugin (jsch): 0.1.55.2
      JUnit Plugin (junit): 1.48
      LDAP Plugin (ldap): 1.26
      Mailer Plugin (mailer): 1.32.1
      MapDB API Plugin (mapdb-api): 1.0.9.0
      Matrix Authorization Strategy Plugin (matrix-auth): 2.6.4
      Matrix Project Plugin (matrix-project): 1.18
      Maven Integration plugin (maven-plugin): 3.8
      Office 365 Connector (Office-365-Connector): 4.13.2
      PAM Authentication plugin (pam-auth): 1.6
      Parameterized Trigger plugin (parameterized-trigger): 2.39
      Pipeline: Build Step (pipeline-build-step): 2.13
      Pipeline: Input Step (pipeline-input-step): 2.12
      Pipeline: Milestone Step (pipeline-milestone-step): 1.3.1
      Pipeline: Stage Step (pipeline-stage-step): 2.5
      Plain Credentials Plugin (plain-credentials): 1.7
      Plugin Utilities API Plugin (plugin-util-api): 1.6.1
      Popper.js API Plugin (popper-api): 1.16.0-7
      Resource Disposer Plugin (resource-disposer): 0.14
      Role-based Authorization Strategy (role-strategy): 3.1
      Run Condition Plugin (run-condition): 1.5
      SCM API Plugin (scm-api): 2.6.4
      Script Security Plugin (script-security): 1.75
      Shelve Project Plugin (shelve-project-plugin): 3.1
      Snakeyaml API Plugin (snakeyaml-api): 1.27.0
      SonarQube Scanner for Jenkins (sonar): 2.13
      SSH Credentials Plugin (ssh-credentials): 1.18.1
      Structs Plugin (structs): 1.20
      Swarm Plugin (swarm): 3.24
      Throttle Concurrent Builds Plug-in (throttle-concurrents): 2.1
      Timestamper (timestamper): 1.11.8
      Token Macro Plugin (token-macro): 2.13
      Trilead API Plugin (trilead-api): 1.0.13
      WMI Windows Agents Plugin (windows-slaves): 1.7
      Pipeline: API (workflow-api): 2.40
      Pipeline: Basic Steps (workflow-basic-steps): 2.23
      Pipeline: Groovy (workflow-cps): 2.87
      Pipeline: Nodes and Processes (workflow-durable-task-step): 2.37
      Pipeline: Job (workflow-job): 2.40
      Pipeline: SCM Step (workflow-scm-step): 2.11
      Pipeline: Step API (workflow-step-api): 2.23
      Pipeline: Supporting APIs (workflow-support): 3.7
      Workspace Cleanup Plugin (ws-cleanup): 0.38

       

       

        Attachments

          Activity

          Hide
          movedoa Alexander Dobetsberger added a comment -

          Are the any more infos i can give you to find the cause of this issue?

          Show
          movedoa Alexander Dobetsberger added a comment - Are the any more infos i can give you to find the cause of this issue?
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Hard to say for sure, but it is unlikely related to the Role Strategy plugin. This plugin handles authoriuzation, but it is not involved in user Authentication.

          My best guess is that one of the changes in https://www.jenkins.io/blog/2020/11/10/major-changes-in-weekly-releases/ collides with the login UI. JQuery update seems to be the most likely candidate. I would suggest opening the developer console and checking for errors there when logging in

          Show
          oleg_nenashev Oleg Nenashev added a comment - Hard to say for sure, but it is unlikely related to the Role Strategy plugin. This plugin handles authoriuzation, but it is not involved in user Authentication. My best guess is that one of the changes in https://www.jenkins.io/blog/2020/11/10/major-changes-in-weekly-releases/  collides with the login UI. JQuery update seems to be the most likely candidate. I would suggest opening the developer console and checking for errors there when logging in
          Hide
          movedoa Alexander Dobetsberger added a comment -

          Just tried the update again (2.275 this time), same problem, nothing in the error logs, nothing in the developer console.
          The server just returns "401 Unauthorized" and i cannot login.

          I have now switched to 2.263.2 LTS, i had this planned anyway and now seems a good time to do so, so fo me this is solved, for now.
          I guess we will see if the problem still exists with the next LTS update, if this is the case i will update this ticket, otherwise i will close it.

          Show
          movedoa Alexander Dobetsberger added a comment - Just tried the update again (2.275 this time), same problem, nothing in the error logs, nothing in the developer console. The server just returns "401 Unauthorized" and i cannot login. I have now switched to 2.263.2 LTS, i had this planned anyway and now seems a good time to do so, so fo me this is solved, for now. I guess we will see if the problem still exists with the next LTS update, if this is the case i will update this ticket, otherwise i will close it.
          Hide
          markewaite Mark Waite added a comment -

          I was unable to duplicate the problem. Jenkins 2.275 recommended upgrading email-ext 2.81, ldap 2.3, and token-macro 2.14. Those three plugin versions are specifically implemented to update with Jenkins 2.265 and beyond.

          I enabled role strategy, defined several roles, assigned users to the roles, then logged in as the various users to confirm that the roles were behaving as expected. I did not detect any problem that prevented me from logging in,.

          It may have been a problem due to the outdated versions of the plugins, though that seems unlikely to me.

          I used the list of plugins to create the following Dockerfile for Jenkins 2.275:

          FROM jenkins/jenkins:2.275-slim
          RUN jenkins-plugin-cli --verbose --plugins \
              Office-365-Connector:4.13.2 \
              ace-editor:1.1 \
              ant:1.11 \
              antisamy-markup-formatter:2.1 \
              apache-httpcomponents-client-4-api:4.5.13-1.0 \
              bootstrap4-api:4.5.3-1 \
              bouncycastle-api:2.18 \
              build-blocker-plugin:1.7.3 \
              checks-api:1.2.0 \
              cloudbees-folder:6.15 \
              command-launcher:1.5 \
              conditional-buildstep:1.4.1 \
              credentials:2.3.14 \
              display-url-api:2.3.4 \
              durable-task:1.35 \
              echarts-api:4.9.0-2 \
              email-ext:2.81 \
              extended-read-permission:3.2 \
              external-monitor-job:1.7 \
              font-awesome-api:5.15.1-1 \
              icon-shim:2.0.3 \
              jackson2-api:2.12.1 \
              javadoc:1.6 \
              jdk-tool:1.4 \
              jquery-detached:1.2.1 \
              jquery3-api:3.5.1-2 \
              jquery:1.12.4-1 \
              jsch:0.1.55.2 \
              junit:1.48 \
              ldap:2.3 \
              mailer:1.32.1 \
              mapdb-api:1.0.9.0 \
              matrix-auth:2.6.4 \
              matrix-project:1.18 \
              maven-plugin:3.8 \
              pam-auth:1.6 \
              parameterized-trigger:2.39 \
              pipeline-build-step:2.13 \
              pipeline-input-step:2.12 \
              pipeline-milestone-step:1.3.1 \
              pipeline-stage-step:2.5 \
              plain-credentials:1.7 \
              plugin-util-api:1.6.1 \
              popper-api:1.16.0-7 \
              resource-disposer:0.14 \
              role-strategy:3.1 \
              run-condition:1.5 \
              scm-api:2.6.4 \
              script-security:1.75 \
              shelve-project-plugin:3.1 \
              snakeyaml-api:1.27.0 \
              sonar:2.13 \
              ssh-credentials:1.18.1 \
              structs:1.20 \
              swarm:3.24 \
              throttle-concurrents:2.1 \
              timestamper:1.11.8 \
              token-macro:2.14 \
              trilead-api:1.0.13 \
              windows-slaves:1.7 \
              workflow-api:2.40 \
              workflow-basic-steps:2.23 \
              workflow-cps:2.87 \
              workflow-durable-task-step:2.37 \
              workflow-job:2.40 \
              workflow-scm-step:2.11 \
              workflow-step-api:2.23 \
              workflow-support:3.7 \
              ws-cleanup:0.38
          
          Show
          markewaite Mark Waite added a comment - I was unable to duplicate the problem. Jenkins 2.275 recommended upgrading email-ext 2.81, ldap 2.3, and token-macro 2.14. Those three plugin versions are specifically implemented to update with Jenkins 2.265 and beyond. I enabled role strategy, defined several roles, assigned users to the roles, then logged in as the various users to confirm that the roles were behaving as expected. I did not detect any problem that prevented me from logging in,. It may have been a problem due to the outdated versions of the plugins, though that seems unlikely to me. I used the list of plugins to create the following Dockerfile for Jenkins 2.275: FROM jenkins/jenkins:2.275-slim RUN jenkins-plugin-cli --verbose --plugins \ Office-365-Connector:4.13.2 \ ace-editor:1.1 \ ant:1.11 \ antisamy-markup-formatter:2.1 \ apache-httpcomponents-client-4-api:4.5.13-1.0 \ bootstrap4-api:4.5.3-1 \ bouncycastle-api:2.18 \ build-blocker-plugin:1.7.3 \ checks-api:1.2.0 \ cloudbees-folder:6.15 \ command-launcher:1.5 \ conditional-buildstep:1.4.1 \ credentials:2.3.14 \ display-url-api:2.3.4 \ durable-task:1.35 \ echarts-api:4.9.0-2 \ email-ext:2.81 \ extended-read-permission:3.2 \ external-monitor-job:1.7 \ font-awesome-api:5.15.1-1 \ icon-shim:2.0.3 \ jackson2-api:2.12.1 \ javadoc:1.6 \ jdk-tool:1.4 \ jquery-detached:1.2.1 \ jquery3-api:3.5.1-2 \ jquery:1.12.4-1 \ jsch:0.1.55.2 \ junit:1.48 \ ldap:2.3 \ mailer:1.32.1 \ mapdb-api:1.0.9.0 \ matrix-auth:2.6.4 \ matrix-project:1.18 \ maven-plugin:3.8 \ pam-auth:1.6 \ parameterized-trigger:2.39 \ pipeline-build-step:2.13 \ pipeline-input-step:2.12 \ pipeline-milestone-step:1.3.1 \ pipeline-stage-step:2.5 \ plain-credentials:1.7 \ plugin-util-api:1.6.1 \ popper-api:1.16.0-7 \ resource-disposer:0.14 \ role-strategy:3.1 \ run-condition:1.5 \ scm-api:2.6.4 \ script-security:1.75 \ shelve-project-plugin:3.1 \ snakeyaml-api:1.27.0 \ sonar:2.13 \ ssh-credentials:1.18.1 \ structs:1.20 \ swarm:3.24 \ throttle-concurrents:2.1 \ timestamper:1.11.8 \ token-macro:2.14 \ trilead-api:1.0.13 \ windows-slaves:1.7 \ workflow-api:2.40 \ workflow-basic-steps:2.23 \ workflow-cps:2.87 \ workflow-durable-task-step:2.37 \ workflow-job:2.40 \ workflow-scm-step:2.11 \ workflow-step-api:2.23 \ workflow-support:3.7 \ ws-cleanup:0.38
          Hide
          danielbeck Daniel Beck added a comment -

          Is Jenkins running standalone, or in Tomcat or similar?

          Show
          danielbeck Daniel Beck added a comment - Is Jenkins running standalone, or in Tomcat or similar?
          Hide
          movedoa Alexander Dobetsberger added a comment -

          Its running standalone, default windows installation.

          Show
          movedoa Alexander Dobetsberger added a comment - Its running standalone, default windows installation.
          Hide
          danielbeck Daniel Beck added a comment -

          To clarify, this broke in Jenkins 2.265, NOT Jenkins 2.266?

          Show
          danielbeck Daniel Beck added a comment - To clarify, this broke in Jenkins 2.265, NOT Jenkins 2.266?
          Hide
          movedoa Alexander Dobetsberger added a comment -

          I am not sure if i ever tried updating to 2.265, i can say for sure that i tried updating to 2.266 and 2.274 and the problem occured.

          Show
          movedoa Alexander Dobetsberger added a comment - I am not sure if i ever tried updating to 2.265, i can say for sure that i tried updating to 2.266 and 2.274 and the problem occured.

            People

            Assignee:
            oleg_nenashev Oleg Nenashev
            Reporter:
            movedoa Alexander Dobetsberger
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated: