Kaushal Modi added a comment - 2022-07-13 23:02 I am seeing the same issue after I upgrades Jenkins after a long time. I also upgraded all the plugins (incl LDAP) to the latest versions. Jenkins 2.346.2 fails the LDAP auth Once I reverted to Jenkins 2.332.4 , LDAP auth started working once again.  

Kaushal Modi added a comment - 2022-07-13 23:05 This bug is Critical because once I updated Jenkins, no one in my company was able to access my Jenkins URL. In the process of downgrading Jenkins, the updated plugins got deactivated because they needed a newer version. In the end, I will need to reconfig all the Jenkins jobs manually. For now, I will stick with Jenkins 2.332.4 until this issue gets resolved.

Mark Waite added a comment - 2022-07-14 04:00 kaushalmodi based on the limited description, I don't have much hope that others will be able to assist with the problem. The original description says "it failed" but does not provide the stack trace that was written to the log file and does not provide steps that describe what might be causing the issue. Many Jenkins users are successfully using LDAP with Jenkins 2.346.2. For example, LDAP is used on ci.jenkins.io, weekly.ci.jenkins.io, release.ci.jenkins.io, and several other large scale Jenkins instances. Yet, neither you nor the original submitter of the issue have provided the details that will show how your installation is different from other installations. Neither have provided the stack trace that is reported in the log file. Will you provide enough details that others can duplicate the problem on a freshly installed system? Will you provide the stack traces that are written to the Jenkins log on failures? Will you provide the configuration details that might help others understand why your system is different than the many systems that are working as expected?

Kaushal Modi added a comment - 2022-07-14 12:10 - edited Hello, I am consistently able to reproduce this issue on a fresh start of Jenkins 2.346.2 using Java 11.0.2+9. Steps: Start new server with an empty $JENKINS_HOME Proceed with adding the initial admin password seen on terminal and installing the default set of plugins Go to Configure Jenkins -> Configure Global Security -> LDAP My LDAP setup needs only the Server and Root DN. They have been working well until Jenkins 2.332.4. After entering that, I proceed to "Test LDAP Settings". There I only see "ERROR". Upon clicking that, I see "A problem occurred while processing the request. Logging ID=d9aa849b-beaf-4001-88a6-5f8187491d3a". In the terminal though, I see this crash log below.   Crash log:     2022-07-14 11:59:01.085+0000 [id=14]    WARNING o.e.j.s.h.ContextHandler$Context#log: Error while serving http://USER-lx01.engus1.COMPANY.com:8081/descriptorByName/hudson.security.LDAPSecurityRealm/validate java.lang.NullPointerException         at hudson.security.LDAPSecurityRealm$DescriptorImpl.validate(LDAPSecurityRealm.java:1589)         at hudson.security.LDAPSecurityRealm$DescriptorImpl.doValidate(LDAPSecurityRealm.java:1544)         at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:710)         at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397) Caused: java.lang.reflect.InvocationTargetException         at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:401)         at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:409)         at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:78)         at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)         at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:207)         at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:140)         at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:558)         at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)         at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)         at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)         at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:289)         at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)         at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)         at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)         at org.kohsuke.stapler.Stapler.invoke(Stapler.java:694)         at org.kohsuke.stapler.Stapler.service(Stapler.java:240)         at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)         at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)         at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1631)         at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:157)         at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:129)         at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)         at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:81)         at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)         at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:160)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:154)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:94)         at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:54)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)         at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:102)         at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:93)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:219)         at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)         at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)         at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:63)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:111)         at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:172)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:53)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:38)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)         at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)         at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:571)         at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)         at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)         at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)         at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)         at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440)         at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)         at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)         at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)         at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)         at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355)         at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)         at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)         at org.eclipse.jetty.server.Server.handle(Server.java:516)         at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487)         at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732)         at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479)         at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)         at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)         at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)         at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)         at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)         at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)         at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)         at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)         at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)         at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)         at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)         at java.base/java.lang.Thread.run(Thread.java:834) 2022-07-14 11:59:01.088+0000 [id=14]    WARNING h.i.i.InstallUncaughtExceptionHandler#handleException: Caught unhandled exception with ID d9aa849b-beaf-4001-88a6-5f8187491d3a java.lang.NullPointerException         at hudson.security.LDAPSecurityRealm$DescriptorImpl.validate(LDAPSecurityRealm.java:1589)         at hudson.security.LDAPSecurityRealm$DescriptorImpl.doValidate(LDAPSecurityRealm.java:1544)         at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:710)         at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397)         at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:409)         at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:78)         at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)         at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:207)         at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:140)         at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:558)         at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)         at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766) Caused: javax.servlet.ServletException         at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:816)         at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)         at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:289)         at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)         at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)         at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)         at org.kohsuke.stapler.Stapler.invoke(Stapler.java:694)         at org.kohsuke.stapler.Stapler.service(Stapler.java:240)         at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)         at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)         at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1631)         at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:157)         at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:129)         at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)         at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:81)         at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)         at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:160)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:154)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:94)         at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:54)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)         at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:102)         at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:93)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:219)         at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)         at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)         at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:63)         at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)         at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:111)         at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:172)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:53)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:38)         at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)         at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)         at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)         at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)         at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:571)         at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)         at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)         at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)         at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)         at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440)         at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)         at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)         at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)         at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)         at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355)         at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)         at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)         at org.eclipse.jetty.server.Server.handle(Server.java:516)         at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487)         at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732)         at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479)         at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)         at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)         at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)         at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)         at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)         at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)         at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)         at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)         at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)         at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)         at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)         at java.base/java.lang.Thread.run(Thread.java:834)     —   Here's how the same LDAP testing looks on Jenkins 2.332.4: The warnings you seen for LDAP group membership have always been there because my organization does not set those up (could that be a problem for this crash?). But LDAP based authentication is perfectly functionaly inspite of those warnings on that Jenkins version.     —   Let me know if there's any other debug info I can provide.   Thanks!