Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-68748

NullPointerException when using "Test LDAP settings" button (regression in 2.342)

    XMLWordPrintable

Details

    • Bug
    • Status: In Review (View Workflow)
    • Minor
    • Resolution: Unresolved
    • ldap-plugin
    • Tested on 2.346 and 2.346.3
      LDAP plugin version 2.10 and 2.12

    Description

      Using Test LDAP settings button is rising an NPE. LDAP configuration still works after save, it's just the test that has an issue.

       

      Tested with local LDAP based on docker image of https://github.com/rroemhild/docker-test-openldap

      Reproduction step:

      • Run a Jenkins instance 2.346+
      • go to Manage Jenkins > Configure Global Security
      • select security realm = LDAP
      • Configure LDAP
      • Test LDAP with one user, for example professor/professor

       

      Screenshot in attach file.

      Stacktrace on console:

      2022-06-13 13:57:27.475+0000 [id=366]    WARNING    o.e.j.s.h.ContextHandler$Context#log: Error while serving http://localhost:8081/descriptorByName/hudson.security.LDAPSecurityRealm/validate
      java.lang.NullPointerException
          at hudson.security.LDAPSecurityRealm$DescriptorImpl.validate(LDAPSecurityRealm.java:1589)
          at hudson.security.LDAPSecurityRealm$DescriptorImpl.doValidate(LDAPSecurityRealm.java:1544)
          at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:710)
          at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397)
      Caused: java.lang.reflect.InvocationTargetException
          at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:401)
          at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:409)
          at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:78)
          at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
          at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:207)
          at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:140)
          at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:558)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
          at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:289)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:694)
          at org.kohsuke.stapler.Stapler.service(Stapler.java:240)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
          at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
          at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1631)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:157)
          at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:129)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:81)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:160)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:154)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:94)
          at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:54)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)
          at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:102)
          at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:93)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:219)
          at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)
          at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
          at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:63)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:111)
          at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:172)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:53)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:38)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
          at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
          at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:571)
          at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
          at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
          at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
          at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
          at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
          at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355)
          at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
          at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
          at org.eclipse.jetty.server.Server.handle(Server.java:516)
          at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487)
          at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732)
          at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479)
          at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
          at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
          at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
          at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
          at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
          at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
          at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
          at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
          at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)
          at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
          at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
          at java.base/java.lang.Thread.run(Thread.java:829)
      2022-06-13 13:57:27.480+0000 [id=366]    WARNING    h.i.i.InstallUncaughtExceptionHandler#handleException: Caught unhandled exception with ID 3e8b8089-a7f8-4592-a1fc-404932a5d4dd
      java.lang.NullPointerException
          at hudson.security.LDAPSecurityRealm$DescriptorImpl.validate(LDAPSecurityRealm.java:1589)
          at hudson.security.LDAPSecurityRealm$DescriptorImpl.doValidate(LDAPSecurityRealm.java:1544)
          at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:710)
          at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397)
          at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:409)
          at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:78)
          at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
          at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:207)
          at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:140)
          at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:558)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
      Caused: javax.servlet.ServletException
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:816)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
          at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:289)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:694)
          at org.kohsuke.stapler.Stapler.service(Stapler.java:240)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
          at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
          at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1631)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:157)
          at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:129)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:81)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:160)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:154)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:94)
          at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:54)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)
          at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:102)
          at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:93)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:219)
          at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:213)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)
          at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
          at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:63)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:111)
          at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:172)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:53)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:38)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
          at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
          at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
          at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:571)
          at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
          at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
          at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
          at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
          at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
          at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355)
          at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
          at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
          at org.eclipse.jetty.server.Server.handle(Server.java:516)
          at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487)
          at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732)
          at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479)
          at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
          at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
          at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
          at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
          at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
          at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
          at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
          at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
          at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)
          at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
          at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
          at java.base/java.lang.Thread.run(Thread.java:829)
       

       

       

      Attachments

        Issue Links

          Activity

            rsandell rsandell added a comment -

            https://github.com/jenkinsci/ldap-plugin/blob/e55d225ba2ef6c99ba9b3336fa4be9d8880be2c9/src/main/java/hudson/security/LDAPSecurityRealm.java#L1589

             

            Seems quite bad, the validation is using the data it has configured, not what is coming in via the form. And if you are configuring for the first time there is no realm to get the configuration from.

            rsandell rsandell added a comment - https://github.com/jenkinsci/ldap-plugin/blob/e55d225ba2ef6c99ba9b3336fa4be9d8880be2c9/src/main/java/hudson/security/LDAPSecurityRealm.java#L1589   Seems quite bad, the validation is using the data it has configured, not what is coming in via the form. And if you are configuring for the first time there is no realm to get the configuration from.

            Exactly the same error, it seems to be a regression because in the old versions this very practical function worked.

             

            bjaulin Bernard Jaulin added a comment - Exactly the same error, it seems to be a regression because in the old versions this very practical function worked.  

            Also reported on the Jenkins community site

            saper Marcin Cieślak added a comment - Also reported on the Jenkins community site
            kaushalmodi Kaushal Modi added a comment - markwaite This looks like the exact same exception I reported in https://issues.jenkins.io/browse/JENKINS-68491?focusedCommentId=428023&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-428023 .
            kaushalmodi Kaushal Modi added a comment -

            LDAP configuration still works after save, it's just the test that has an issue.

            I confirm that today. Though, yesterday, I got locked out of Jenkins server as the LDAP authentication wasn't working. I am not sure that changed in my experiments yesterday vs today. But today, I see that while the Test LDAP shows error, LDAP based auth for logging into Jenkins still works on v2.346.2.

            kaushalmodi Kaushal Modi added a comment - LDAP configuration still works after save, it's just the test that has an issue. I confirm that today. Though, yesterday, I got locked out of Jenkins server as the LDAP authentication wasn't working. I am not sure that changed in my experiments yesterday vs today. But today, I see that while the Test LDAP shows error, LDAP based auth for logging into Jenkins still works on v2.346.2.
            axelh Axel Heider added a comment -

            Please fix this.

            axelh Axel Heider added a comment - Please fix this.
            rafael_pala Rafael Pala added a comment -

            I tried change this two tags in config.xml to:

                    <userSearchBase></userSearchBase>
                    <userSearch>sAMAccountName={0}</userSearch>

            and work for me

            rafael_pala Rafael Pala added a comment - I tried change this two tags in config.xml to:         <userSearchBase></userSearchBase>         <userSearch>sAMAccountName={0}</userSearch> and work for me
            danielbeck Daniel Beck added a comment -

            Seems quite bad, the validation is using the data it has configured, not what is coming in via the form.

            https://github.com/jenkinsci/ldap-plugin/blob/e55d225ba2ef6c99ba9b3336fa4be9d8880be2c9/src/main/java/hudson/security/LDAPSecurityRealm.java#L1543 instantiates the realm from the form submission to pass it to that method. (Also folks wouldn't complain only now if that had always been the case.)

            I suspect it's caused by https://github.com/jenkinsci/jenkins/commit/8f6e04bcb51081627c11df2a105bcb049a1c8339 in 2.342.

            danielbeck Daniel Beck added a comment - Seems quite bad, the validation is using the data it has configured, not what is coming in via the form. https://github.com/jenkinsci/ldap-plugin/blob/e55d225ba2ef6c99ba9b3336fa4be9d8880be2c9/src/main/java/hudson/security/LDAPSecurityRealm.java#L1543 instantiates the realm from the form submission to pass it to that method. (Also folks wouldn't complain only now if that had always been the case.) I suspect it's caused by https://github.com/jenkinsci/jenkins/commit/8f6e04bcb51081627c11df2a105bcb049a1c8339 in 2.342.
            axelh Axel Heider added a comment -

            Why isn't this considered a critical error. Even if this might be a trivial issue from the plugin developer's perspective, It's really annoying that LDAP testing is not possible. This is a real blocker for updating jenkins versions.

            axelh Axel Heider added a comment - Why isn't this considered a critical error. Even if this might be a trivial issue from the plugin developer's perspective, It's really annoying that LDAP testing is not possible. This is a real blocker for updating jenkins versions.
            basil Basil Crow added a comment -

            I suspect it's caused by https://github.com/jenkinsci/jenkins/commit/8f6e04bcb51081627c11df2a105bcb049a1c8339 in 2.342.

            Bisection confirms this.

            basil Basil Crow added a comment - I suspect it's caused by https://github.com/jenkinsci/jenkins/commit/8f6e04bcb51081627c11df2a105bcb049a1c8339 in 2.342. Bisection confirms this.
            jglick Jesse Glick added a comment -

            Looks analogous to JENKINS-61854. The ldap plugin makes assumptions about undocumented aspects of core form layout, since the Jenkins form libs do not permit @QueryParameter to work with structured objects (only simple nearby fields). Possibly the existing logic could be hacked up yet again to match the new controls, but really this validation system needs to be redesigned to use the last-saved config or something—there is simply no way to do this in general.

            jglick Jesse Glick added a comment - Looks analogous to JENKINS-61854 . The ldap plugin makes assumptions about undocumented aspects of core form layout, since the Jenkins form libs do not permit @QueryParameter to work with structured objects (only simple nearby fields). Possibly the existing logic could be hacked up yet again to match the new controls, but really this validation system needs to be redesigned to use the last-saved config or something—there is simply no way to do this in general.
            basil Basil Crow added a comment -

            Possibly the existing logic could be

            Should it be?

            basil Basil Crow added a comment - Possibly the existing logic could be Should it be?
            teilo James Nord added a comment -

            > really this validation system needs to be redesigned to use the last-saved config

             

            Which would make it useless.  The feature is to know your config will be broken in save.  If it is broken after a save you are already locked out as your session should have been invalidated

            teilo James Nord added a comment - > really this validation system needs to be redesigned to use the last-saved config   Which would make it useless.  The feature is to know your config will be broken in save.  If it is broken after a save you are already locked out as your session should have been invalidated

            Further changes in 2.361.1 brought by https://issues.jenkins.io/browse/JENKINS-68373 also breaks the display of the validation error. Will try to find a single solution that works past 2.346.1 and also past 2.361.1.

            allan_burdajewicz Allan BURDAJEWICZ added a comment - Further changes in 2.361.1 brought by https://issues.jenkins.io/browse/JENKINS-68373 also breaks the display of the validation error. Will try to find a single solution that works past 2.346.1 and also past 2.361.1.

            People

              allan_burdajewicz Allan BURDAJEWICZ
              ajard A. Jard
              Votes:
              14 Vote for this issue
              Watchers:
              23 Start watching this issue

              Dates

                Created:
                Updated: