Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-35652

ScriptSecurityRealm.loadUserByUsername() IllegalArgumentException is not being caught by role strategy

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Originally it has been reported by Sebastian Schuberth in JENKINS-35515.
      It happens, because User Authorities permission check logic relies on the Security realm and does not handle errors.
      Most likely there is a related bug in active directory plugin

      java.lang.IllegalArgumentException: Cannot pass null or empty values to constructor
      at org.acegisecurity.userdetails.User.<init>(User.java:127)
      at hudson.plugins.script_realm.ScriptSecurityRealm.loadUserByUsername(ScriptSecurityRealm.java:105)
      at com.michelin.cio.hudson.plugins.rolestrategy.RoleMap.hasPermission(RoleMap.java:110)
      at com.michelin.cio.hudson.plugins.rolestrategy.RoleMap.access$000(RoleMap.java:64)
      at com.michelin.cio.hudson.plugins.rolestrategy.RoleMap$AclImpl.hasPermission(RoleMap.java:341)
      

        Attachments

          Activity

            People

            • Assignee:
              oleg_nenashev Oleg Nenashev
              Reporter:
              oleg_nenashev Oleg Nenashev
            • Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: