Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-22409

API Token no longer working for API calls

    Details

    • Similar Issues:

      Description

      All our API calls are now failing. Even a simple thing like this:

      <username>:<token>@jenkins.goonies3.com/api/json

      I keep getting:

      Error 401 Unexpected authentication type: org.acegisecurity.providers.UsernamePasswordAuthenticationToken@b69dc627: Username: <username>; Password: [PROTECTED]; Authenticated: false; Details: org.acegisecurity.ui.WebAuthenticationDetails@ffff8868: RemoteIpAddress: <ip address>; SessionId: null; Not granted any authorities

      How do I get my API calls working again? This is a huge issue, it's brining most of our automated processing to a halt.

        Attachments

          Issue Links

            Activity

            Hide
            danielbeck Daniel Beck added a comment -

            Possibly related to this change in 1.556.

            Show
            danielbeck Daniel Beck added a comment - Possibly related to this change in 1.556.
            Hide
            danielbeck Daniel Beck added a comment -

            Could someone please post the full stack trace, e.g. from jenkins.log?

            Show
            danielbeck Daniel Beck added a comment - Could someone please post the full stack trace, e.g. from jenkins.log?
            Hide
            dserodio Daniel Serodio added a comment -

            I'm running Jenkins 1.565 w/ Active Directory plugin 1.37 and I try to authenticate jenkins-cli with an apiToken like this:

            java -jar jenkins-cli.jar -s http://jenkins.intranet:8080/jenkins build test_job --username dserodi --password MY_API_KEY
            

            I get this stracktrace:

            Aug 20, 2014 5:42:12 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl bind
            WARNING: Failed to authenticate while binding to adserver.intranet:3268
            javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
                    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087)
                    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)
                    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835)
                    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
                    at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2635)
                    at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2622)
                    at com.sun.jndi.ldap.LdapCtx.reconnect(LdapCtx.java:2618)
                    at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:454)
                    at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:370)
                    at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:248)
                    at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:193)
                    at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:137)
                    at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.authenticate(ActiveDirectorySecurityRealm.java:602)
                    at hudson.security.AbstractPasswordBasedSecurityRealm.doAuthenticate(AbstractPasswordBasedSecurityRealm.java:114)
                    at hudson.security.AbstractPasswordBasedSecurityRealm.access$100(AbstractPasswordBasedSecurityRealm.java:39)
                    at hudson.security.AbstractPasswordBasedSecurityRealm$1.authenticate(AbstractPasswordBasedSecurityRealm.java:81)
                    at hudson.cli.CLICommand.main(CLICommand.java:228)
                    at hudson.cli.CliManagerImpl.main(CliManagerImpl.java:92)
                    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
                    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                    at java.lang.reflect.Method.invoke(Method.java:606)
                    at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:300)
                    at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:281)
                    at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:240)
                    at hudson.remoting.UserRequest.perform(UserRequest.java:118)
                    at hudson.remoting.UserRequest.perform(UserRequest.java:48)
                    at hudson.remoting.Request$2.run(Request.java:328)
                    at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
                    at hudson.cli.CliManagerImpl$1.call(CliManagerImpl.java:63)
                    at hudson.remoting.InterceptingExecutorService$2.call(InterceptingExecutorService.java:95)
                    at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46)
                    at java.util.concurrent.FutureTask.run(FutureTask.java:262)
                    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
                    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
                    at java.lang.Thread.run(Thread.java:744)
            
            Aug 20, 2014 5:42:12 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider retrieveUser
            WARNING: Credential exception trying to authenticate against intranet domain
            org.acegisecurity.BadCredentialsException: Either no such user 'dserodi@intranet' or incorrect password; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
                    at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:385)
                    at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:248)
                    at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:193)
                    at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:137)
                    at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.authenticate(ActiveDirectorySecurityRealm.java:602)
                    at hudson.security.AbstractPasswordBasedSecurityRealm.doAuthenticate(AbstractPasswordBasedSecurityRealm.java:114)
                    at hudson.security.AbstractPasswordBasedSecurityRealm.access$100(AbstractPasswordBasedSecurityRealm.java:39)
                    at hudson.security.AbstractPasswordBasedSecurityRealm$1.authenticate(AbstractPasswordBasedSecurityRealm.java:81)
                    at hudson.cli.CLICommand.main(CLICommand.java:228)
                    at hudson.cli.CliManagerImpl.main(CliManagerImpl.java:92)
                    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
                    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                    at java.lang.reflect.Method.invoke(Method.java:606)
                    at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:300)
                    at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:281)
                    at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:240)
                    at hudson.remoting.UserRequest.perform(UserRequest.java:118)
                    at hudson.remoting.UserRequest.perform(UserRequest.java:48)
                    at hudson.remoting.Request$2.run(Request.java:328)
                    at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
                    at hudson.cli.CliManagerImpl$1.call(CliManagerImpl.java:63)
                    at hudson.remoting.InterceptingExecutorService$2.call(InterceptingExecutorService.java:95)
                    at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46)
                    at java.util.concurrent.FutureTask.run(FutureTask.java:262)
                    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
                    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
                    at java.lang.Thread.run(Thread.java:744)
            Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
                    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087)
                    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)
                    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835)
                    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
                    at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2635)
                    at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2622)
                    at com.sun.jndi.ldap.LdapCtx.reconnect(LdapCtx.java:2618)
                    at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:454)
                    at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:370)
                    ... 27 more
            
            Show
            dserodio Daniel Serodio added a comment - I'm running Jenkins 1.565 w/ Active Directory plugin 1.37 and I try to authenticate jenkins-cli with an apiToken like this: java -jar jenkins-cli.jar -s http: //jenkins.intranet:8080/jenkins build test_job --username dserodi --password MY_API_KEY I get this stracktrace: Aug 20, 2014 5:42:12 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl bind WARNING: Failed to authenticate while binding to adserver.intranet:3268 javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2635) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2622) at com.sun.jndi.ldap.LdapCtx.reconnect(LdapCtx.java:2618) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:454) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:370) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:248) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:193) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:137) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.authenticate(ActiveDirectorySecurityRealm.java:602) at hudson.security.AbstractPasswordBasedSecurityRealm.doAuthenticate(AbstractPasswordBasedSecurityRealm.java:114) at hudson.security.AbstractPasswordBasedSecurityRealm.access$100(AbstractPasswordBasedSecurityRealm.java:39) at hudson.security.AbstractPasswordBasedSecurityRealm$1.authenticate(AbstractPasswordBasedSecurityRealm.java:81) at hudson.cli.CLICommand.main(CLICommand.java:228) at hudson.cli.CliManagerImpl.main(CliManagerImpl.java:92) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:300) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:281) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:240) at hudson.remoting.UserRequest.perform(UserRequest.java:118) at hudson.remoting.UserRequest.perform(UserRequest.java:48) at hudson.remoting.Request$2.run(Request.java:328) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at hudson.cli.CliManagerImpl$1.call(CliManagerImpl.java:63) at hudson.remoting.InterceptingExecutorService$2.call(InterceptingExecutorService.java:95) at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang. Thread .run( Thread .java:744) Aug 20, 2014 5:42:12 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider retrieveUser WARNING: Credential exception trying to authenticate against intranet domain org.acegisecurity.BadCredentialsException: Either no such user 'dserodi@intranet' or incorrect password; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1] at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:385) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:248) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:193) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:137) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.authenticate(ActiveDirectorySecurityRealm.java:602) at hudson.security.AbstractPasswordBasedSecurityRealm.doAuthenticate(AbstractPasswordBasedSecurityRealm.java:114) at hudson.security.AbstractPasswordBasedSecurityRealm.access$100(AbstractPasswordBasedSecurityRealm.java:39) at hudson.security.AbstractPasswordBasedSecurityRealm$1.authenticate(AbstractPasswordBasedSecurityRealm.java:81) at hudson.cli.CLICommand.main(CLICommand.java:228) at hudson.cli.CliManagerImpl.main(CliManagerImpl.java:92) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at hudson.remoting.RemoteInvocationHandler$RPCRequest.perform(RemoteInvocationHandler.java:300) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:281) at hudson.remoting.RemoteInvocationHandler$RPCRequest.call(RemoteInvocationHandler.java:240) at hudson.remoting.UserRequest.perform(UserRequest.java:118) at hudson.remoting.UserRequest.perform(UserRequest.java:48) at hudson.remoting.Request$2.run(Request.java:328) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at hudson.cli.CliManagerImpl$1.call(CliManagerImpl.java:63) at hudson.remoting.InterceptingExecutorService$2.call(InterceptingExecutorService.java:95) at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang. Thread .run( Thread .java:744) Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2635) at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2622) at com.sun.jndi.ldap.LdapCtx.reconnect(LdapCtx.java:2618) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:454) at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:370) ... 27 more
            Hide
            danielbeck Daniel Beck added a comment -

            Daniel Serodio: Completely different issue. This is about Github OAuth. Please file a new issue.

            Show
            danielbeck Daniel Beck added a comment - Daniel Serodio : Completely different issue. This is about Github OAuth. Please file a new issue.
            Hide
            danielbeck Daniel Beck added a comment -

            Resolving as incomplete as there have been no responses to comments asking for clarification and additional information in months.

            Show
            danielbeck Daniel Beck added a comment - Resolving as incomplete as there have been no responses to comments asking for clarification and additional information in months.

              People

              • Assignee:
                skottler Sam Kottler
                Reporter:
                jzaun Justin Zaun
              • Votes:
                5 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: