Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-35652

ScriptSecurityRealm.loadUserByUsername() IllegalArgumentException is not being caught by role strategy

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Originally it has been reported by Sebastian Schuberth in JENKINS-35515.
      It happens, because User Authorities permission check logic relies on the Security realm and does not handle errors.
      Most likely there is a related bug in active directory plugin

      java.lang.IllegalArgumentException: Cannot pass null or empty values to constructor
      at org.acegisecurity.userdetails.User.<init>(User.java:127)
      at hudson.plugins.script_realm.ScriptSecurityRealm.loadUserByUsername(ScriptSecurityRealm.java:105)
      at com.michelin.cio.hudson.plugins.rolestrategy.RoleMap.hasPermission(RoleMap.java:110)
      at com.michelin.cio.hudson.plugins.rolestrategy.RoleMap.access$000(RoleMap.java:64)
      at com.michelin.cio.hudson.plugins.rolestrategy.RoleMap$AclImpl.hasPermission(RoleMap.java:341)
      

        Attachments

          Activity

          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          src/main/java/com/michelin/cio/hudson/plugins/rolestrategy/RoleMap.java
          http://jenkins-ci.org/commit/role-strategy-plugin/62f4dda20827c375fc565e0105fe06550aed5361
          Log:
          JENKINS-35652 - Authorities resolution: Catch Runtime Exceptions from the SecurityRealm (#20)

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: src/main/java/com/michelin/cio/hudson/plugins/rolestrategy/RoleMap.java http://jenkins-ci.org/commit/role-strategy-plugin/62f4dda20827c375fc565e0105fe06550aed5361 Log: JENKINS-35652 - Authorities resolution: Catch Runtime Exceptions from the SecurityRealm (#20)
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          The fix has been released as role-strategy:2.3.2

          Show
          oleg_nenashev Oleg Nenashev added a comment - The fix has been released as role-strategy:2.3.2

            People

            • Assignee:
              oleg_nenashev Oleg Nenashev
              Reporter:
              oleg_nenashev Oleg Nenashev
            • Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: