Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-33999

add org.spring.core.NestedRuntimeException to the whitelist

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      it is required for some exceptions to be propagated over the remoting chanel, however some 3rd party (acegi) exceptions are subclasses of org.springframework.core.NestedRuntimeException which is blocked by the remote classloading. This exception is safe so should be allowed.

        Attachments

          Activity

          Hide
          jglick Jesse Glick added a comment -

          Specifically AcegiSecurityException and thus its subtypes like UsernameNotFoundException used by Jenkins extend NestedRuntimeException.

          Show
          jglick Jesse Glick added a comment - Specifically AcegiSecurityException and thus its subtypes like UsernameNotFoundException used by Jenkins extend NestedRuntimeException .
          Hide
          jglick Jesse Glick added a comment -

          Also DataAccessException.

          Show
          jglick Jesse Glick added a comment - Also DataAccessException .
          Hide
          teilo James Nord added a comment - - edited

          Jesse Glick should we just exclude any

          
          

          [^.]*Exception${noformat} from the spring blacklist entry so all spring exceptions are allowed?

          I haven;t checked all Springs exceptions but it would seem mostly hamrless. (DataAccessException would be blocked as it is inside org.springframework)

          Show
          teilo James Nord added a comment - - edited Jesse Glick should we just exclude any [^.] *Exception${noformat} from the spring blacklist entry so all spring exceptions are allowed? I haven;t checked all Springs exceptions but it would seem mostly hamrless. (DataAccessException would be blocked as it is inside org.springframework)
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: James Nord
          Path:
          src/main/java/hudson/remoting/ClassFilter.java
          src/test/java/hudson/remoting/DefaultClassFilterTest.java
          http://jenkins-ci.org/commit/remoting/d72ffb337a75913291807b3a06b9f7f02e5eac58
          Log:
          JENKINS-33999 Do no blacklist springs NestedRuntimeException

          NestedRuntimeException needs to be propagated across remoting for things
          like remote authentication schemes.

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: James Nord Path: src/main/java/hudson/remoting/ClassFilter.java src/test/java/hudson/remoting/DefaultClassFilterTest.java http://jenkins-ci.org/commit/remoting/d72ffb337a75913291807b3a06b9f7f02e5eac58 Log: JENKINS-33999 Do no blacklist springs NestedRuntimeException NestedRuntimeException needs to be propagated across remoting for things like remote authentication schemes.
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          src/main/java/hudson/remoting/ClassFilter.java
          src/test/java/hudson/remoting/DefaultClassFilterTest.java
          http://jenkins-ci.org/commit/remoting/a86a27db2c3053eadbb78f72917181edd2003984
          Log:
          Merge pull request #79 from jtnord/JENKINS-33999

          JENKINS-33999 Do not blacklist Spring’s Exceptions

          Compare: https://github.com/jenkinsci/remoting/compare/7cb41387b021...a86a27db2c30

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: src/main/java/hudson/remoting/ClassFilter.java src/test/java/hudson/remoting/DefaultClassFilterTest.java http://jenkins-ci.org/commit/remoting/a86a27db2c3053eadbb78f72917181edd2003984 Log: Merge pull request #79 from jtnord/ JENKINS-33999 JENKINS-33999 Do not blacklist Spring’s Exceptions Compare: https://github.com/jenkinsci/remoting/compare/7cb41387b021...a86a27db2c30
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: James Nord
          Path:
          pom.xml
          http://jenkins-ci.org/commit/jenkins/08fe459d1219fc8f0a4cc3a7f76c42d2072b673b
          Log:
          [FIXED JENKINS-33999] Update remoting to 2.57

          This picks up the new remoting with the upstream fix for Jenkins-33999
          which allows spring Exceptions past the class blacklist

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: James Nord Path: pom.xml http://jenkins-ci.org/commit/jenkins/08fe459d1219fc8f0a4cc3a7f76c42d2072b673b Log: [FIXED JENKINS-33999] Update remoting to 2.57 This picks up the new remoting with the upstream fix for Jenkins-33999 which allows spring Exceptions past the class blacklist
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Daniel Beck
          Path:
          pom.xml
          http://jenkins-ci.org/commit/jenkins/90d051b7f2dfb5890fb70985f30abcbf5f587be6
          Log:
          Merge pull request #2243 from jtnord/jenkins-33999

          [FIXED JENKINS-33999] Update remoting to 2.57

          Compare: https://github.com/jenkinsci/jenkins/compare/d8af38b7e336...90d051b7f2df

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: pom.xml http://jenkins-ci.org/commit/jenkins/90d051b7f2dfb5890fb70985f30abcbf5f587be6 Log: Merge pull request #2243 from jtnord/jenkins-33999 [FIXED JENKINS-33999] Update remoting to 2.57 Compare: https://github.com/jenkinsci/jenkins/compare/d8af38b7e336...90d051b7f2df
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: James Nord
          Path:
          pom.xml
          http://jenkins-ci.org/commit/jenkins/f391f8be2bd09171b0e9f2e0948e68140e710389
          Log:
          [FIXED JENKINS-33999] Update remoting to 2.57

          This picks up the new remoting with the upstream fix for Jenkins-33999
          which allows spring Exceptions past the class blacklist

          (cherry picked from commit 08fe459d1219fc8f0a4cc3a7f76c42d2072b673b)

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: James Nord Path: pom.xml http://jenkins-ci.org/commit/jenkins/f391f8be2bd09171b0e9f2e0948e68140e710389 Log: [FIXED JENKINS-33999] Update remoting to 2.57 This picks up the new remoting with the upstream fix for Jenkins-33999 which allows spring Exceptions past the class blacklist (cherry picked from commit 08fe459d1219fc8f0a4cc3a7f76c42d2072b673b)

            People

            • Assignee:
              teilo James Nord
              Reporter:
              teilo James Nord
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: