Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48759

"Failed to test the validity of the user name" on all security matrices using groups after switch to HTTPS

    Details

    • Similar Issues:

      Description

      If I have HTTP and HTTPS enabled, when I access the Configure Global Security page, I get two different results.  I am using Active Directory for authentication and Matrix-based Security for authorization.  If accessing via HTTP, the groups that I created in the matrix, show up fine.  When accessing via HTTPS, the groups show up red saying, "Failed to test the validity of the user name." The interesting thing is that this is only the case for domain groups.  When I add a single user to the matrix using their sAMAccountName, it resolves to their DisplayName without an issue and then does not display this same error.  The error I am getting is:

       

      Failed to test the validity of the user name CIUsers javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C0907C2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580]; remaining name 'DC=Companyre,DC=net'
       at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
       at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
       at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
       at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
       at hudson.plugins.active_directory.LDAPSearchBuilder.search(LDAPSearchBuilder.java:120)
       at hudson.plugins.active_directory.LDAPSearchBuilder.searchOne(LDAPSearchBuilder.java:85)
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1.call(ActiveDirectoryUnixAuthenticationProvider.java:386)
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1.call(ActiveDirectoryUnixAuthenticationProvider.java:341)
       at com.google.common.cache.LocalCache$LocalManualCache$1.load(LocalCache.java:4767)
       at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3568)
       at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2350)
      Caused: java.util.concurrent.ExecutionException
       at com.google.common.util.concurrent.AbstractFuture$Sync.getValue(AbstractFuture.java:289)
       at com.google.common.util.concurrent.AbstractFuture$Sync.get(AbstractFuture.java:276)
       at com.google.common.util.concurrent.AbstractFuture.get(AbstractFuture.java:111)
       at com.google.common.util.concurrent.Uninterruptibles.getUninterruptibly(Uninterruptibles.java:132)
       at com.google.common.cache.LocalCache$Segment.getAndRecordStats(LocalCache.java:2381)
       at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2351)
       at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2313)
       at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2228)
       at com.google.common.cache.LocalCache.get(LocalCache.java:3965)
       at com.google.common.cache.LocalCache$LocalManualCache.get(LocalCache.java:4764)
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:341)
      Caused: hudson.plugins.active_directory.CacheAuthenticationException: Authentication failed because there was a problem caching user CIUsers; nested exception is java.util.concurrent.ExecutionException: javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C0907C2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580]; remaining name 'DC=Companyre,DC=net'
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:496)
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:304)
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:226)
       at hudson.plugins.active_directory.AbstractActiveDirectoryAuthenticationProvider.loadUserByUsername(AbstractActiveDirectoryAuthenticationProvider.java:55)
       at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.loadUserByUsername(ActiveDirectorySecurityRealm.java:831)
       at org.jenkinsci.plugins.matrixauth.AuthorizationContainerDescriptor.doCheckName_(AuthorizationContainerDescriptor.java:136)
       at hudson.security.GlobalMatrixAuthorizationStrategy$DescriptorImpl.doCheckName(GlobalMatrixAuthorizationStrategy.java:222)
       at java.lang.invoke.MethodHandle.invokeWithArguments(Unknown Source)
       at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)
       at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)
       at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)
       at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)
       at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
       at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
       at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
       at org.kohsuke.stapler.MetaClass$5.doDispatch(MetaClass.java:248)
       at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
       at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
       at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
       at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
       at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
       at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:841)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1650)
       at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
       at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:105)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
       at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
       at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
       at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
       at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
       at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
       at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
       at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:190)
       at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
       at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188)
       at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253)
       at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168)
       at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
       at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
       at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166)
       at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155)
       at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
       at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
       at org.eclipse.jetty.server.Server.handle(Server.java:564)
       at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:317)
       at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
       at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
       at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110)
       at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:278)
       at org.eclipse.jetty.io.ssl.SslConnection$3.succeeded(SslConnection.java:148)
       at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110)
       at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
       at org.eclipse.jetty.util.thread.Invocable.invokePreferred(Invocable.java:128)
       at org.eclipse.jetty.util.thread.Invocable$InvocableExecutor.invoke(Invocable.java:222)
       at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:294)
       at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:199)
       at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
       at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
       at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)

        Attachments

          Activity

          There are no comments yet on this issue.

            People

            • Assignee:
              fbelzunc Félix Belzunce Arcos
              Reporter:
              jobzombi Jonathan Burbano
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: