Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-69586

User is missing the N/A/GenericConfigure permission

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • Affected versions: Jenkins v2.367 (update from v2.357 to v2.367)
      Jenkins master: Windows 10
      Jenkins slaves: Debian 10/11

      After upgrading Jenkins from v2.357 to v2.367 and the plugins with new versions available I have errors/warning when I try to configure a job:

       

      2022-09-08 10:18:09.678+0000 [id=20]    WARNING    o.e.j.s.h.ContextHandler$Context#log: Error while serving https://xxxxxxxxxxxxxx:8080/job/xxxxxxx/view/xxxxxx/job/xxxxxxxxx/descriptorByName/org.jenkinsci.plugins.parameterizedscheduler.ParameterizedTimerTrigger/checkParameterizedSpecification
      hudson.security.AccessDeniedException3: <user> is missing the N/A/GenericConfigure permission
          at hudson.security.ACL.checkPermission(ACL.java:80)
          at hudson.security.AccessControlled.checkPermission(AccessControlled.java:52)
          at org.jenkinsci.plugins.parameterizedscheduler.DescriptorImpl.doCheckParameterizedSpecification(DescriptorImpl.java:57)
          at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:710)
          at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397)
      Caused: java.lang.reflect.InvocationTargetException
          at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:401)
          at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:409)
          at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:207)
          at org.kohsuke.stapler.SelectionInterceptedFunction$Adapter.invoke(SelectionInterceptedFunction.java:36)
          at org.kohsuke.stapler.verb.HttpVerbInterceptor.invoke(HttpVerbInterceptor.java:48)
          at org.kohsuke.stapler.SelectionInterceptedFunction.bindAndInvoke(SelectionInterceptedFunction.java:26)
          at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:140)
          at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:558)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:762)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:894)
          at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:289)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:762)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:894)
          at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:289)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:762)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:894)
          at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:289)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:762)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:894)
          at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:289)
          at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)
          at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:762)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:894)
          at org.kohsuke.stapler.Stapler.invoke(Stapler.java:690)
          at org.kohsuke.stapler.Stapler.service(Stapler.java:240)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
          at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764)
          at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1665)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:157)
          at org.jenkinsci.plugins.corsfilter.AccessControlsFilter.doFilter(AccessControlsFilter.java:79)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at hudson.plugins.locale.LocaleFilter.doFilter(LocaleFilter.java:42)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:129)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:81)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at io.jenkins.blueocean.ResourceCacheControl.doFilter(ResourceCacheControl.java:134)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at io.jenkins.plugins.audit.filter.RequestContextFilter.doFilter(RequestContextFilter.java:52)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at io.jenkins.blueocean.auth.jwt.impl.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:60)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:239)
          at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:215)
          at net.bull.javamelody.PluginMonitoringFilter.doFilter(PluginMonitoringFilter.java:88)
          at org.jvnet.hudson.plugins.monitoring.HudsonMonitoringFilter.doFilter(HudsonMonitoringFilter.java:121)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at org.jenkinsci.plugins.modernstatus.ModernStatusFilter.doFilter(ModernStatusFilter.java:50)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at hudson.plugins.greenballs.GreenBallFilter.doFilter(GreenBallFilter.java:64)
          at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
          at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:160)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
          at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:154)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:94)
          at jenkins.security.AcegiSecurityExceptionFilter.doFilter(AcegiSecurityExceptionFilter.java:52)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:54)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)
          at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:106)
          at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:97)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:223)
          at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:217)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:97)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:112)
          at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:82)
          at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:63)
          at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:99)
          at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:111)
          at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:172)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
          at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:53)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
          at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
          at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
          at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:38)
          at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
          at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
          at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527)
          at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:131)
          at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:549)
          at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:223)
          at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1571)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)
          at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1378)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176)
          at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484)
          at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1544)
          at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174)
          at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1300)
          at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129)
          at org.eclipse.jetty.server.handler.RequestLogHandler.handle(RequestLogHandler.java:46)
          at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
          at org.eclipse.jetty.server.Server.handle(Server.java:562)
          at org.eclipse.jetty.server.HttpChannel.lambda$handle$0(HttpChannel.java:505)
          at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:762)
          at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:497)
          at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:282)
          at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:319)
          at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
          at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558)
          at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379)
          at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146)
          at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
          at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
          at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:412)
          at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:381)
          at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:268)
          at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.lambda$new$0(AdaptiveExecutionStrategy.java:138)
          at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:407)
          at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:894)
          at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1038)
        at java.base/java.lang.Thread.run(Thread.java:834)

      I have this error/warning only on non-admin account and I didn't change the rights of users after the upgrade of Jenkins.

      I have attached the rights I gave to the user (I don't have any N/A/GenericConfigure right available in my array).

      Note: even if I have the error/warning, I can update my jobs correctly

            Unassigned Unassigned
            alexdf Alex DF
            Votes:
            5 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated: