Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48759

"Failed to test the validity of the user name" on all security matrices using groups after switch to HTTPS

XMLWordPrintable

      If I have HTTP and HTTPS enabled, when I access the Configure Global Security page, I get two different results.  I am using Active Directory for authentication and Matrix-based Security for authorization.  If accessing via HTTP, the groups that I created in the matrix, show up fine.  When accessing via HTTPS, the groups show up red saying, "Failed to test the validity of the user name." The interesting thing is that this is only the case for domain groups.  When I add a single user to the matrix using their sAMAccountName, it resolves to their DisplayName without an issue and then does not display this same error.  The error I am getting is:

       

      Failed to test the validity of the user name CIUsers javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C0907C2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580]; remaining name 'DC=Companyre,DC=net'
       at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
       at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
       at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
       at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
       at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
       at hudson.plugins.active_directory.LDAPSearchBuilder.search(LDAPSearchBuilder.java:120)
       at hudson.plugins.active_directory.LDAPSearchBuilder.searchOne(LDAPSearchBuilder.java:85)
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1.call(ActiveDirectoryUnixAuthenticationProvider.java:386)
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1.call(ActiveDirectoryUnixAuthenticationProvider.java:341)
       at com.google.common.cache.LocalCache$LocalManualCache$1.load(LocalCache.java:4767)
       at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3568)
       at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2350)
      Caused: java.util.concurrent.ExecutionException
       at com.google.common.util.concurrent.AbstractFuture$Sync.getValue(AbstractFuture.java:289)
       at com.google.common.util.concurrent.AbstractFuture$Sync.get(AbstractFuture.java:276)
       at com.google.common.util.concurrent.AbstractFuture.get(AbstractFuture.java:111)
       at com.google.common.util.concurrent.Uninterruptibles.getUninterruptibly(Uninterruptibles.java:132)
       at com.google.common.cache.LocalCache$Segment.getAndRecordStats(LocalCache.java:2381)
       at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2351)
       at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2313)
       at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2228)
       at com.google.common.cache.LocalCache.get(LocalCache.java:3965)
       at com.google.common.cache.LocalCache$LocalManualCache.get(LocalCache.java:4764)
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:341)
      Caused: hudson.plugins.active_directory.CacheAuthenticationException: Authentication failed because there was a problem caching user CIUsers; nested exception is java.util.concurrent.ExecutionException: javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C0907C2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580]; remaining name 'DC=Companyre,DC=net'
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:496)
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:304)
       at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:226)
       at hudson.plugins.active_directory.AbstractActiveDirectoryAuthenticationProvider.loadUserByUsername(AbstractActiveDirectoryAuthenticationProvider.java:55)
       at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.loadUserByUsername(ActiveDirectorySecurityRealm.java:831)
       at org.jenkinsci.plugins.matrixauth.AuthorizationContainerDescriptor.doCheckName_(AuthorizationContainerDescriptor.java:136)
       at hudson.security.GlobalMatrixAuthorizationStrategy$DescriptorImpl.doCheckName(GlobalMatrixAuthorizationStrategy.java:222)
       at java.lang.invoke.MethodHandle.invokeWithArguments(Unknown Source)
       at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)
       at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)
       at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)
       at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)
       at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
       at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
       at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
       at org.kohsuke.stapler.MetaClass$5.doDispatch(MetaClass.java:248)
       at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
       at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
       at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
       at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
       at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
       at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:841)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1650)
       at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
       at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:105)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
       at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
       at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
       at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
       at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
       at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
       at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
       at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
       at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
       at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
       at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
       at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:190)
       at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
       at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188)
       at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253)
       at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168)
       at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
       at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
       at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166)
       at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155)
       at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
       at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
       at org.eclipse.jetty.server.Server.handle(Server.java:564)
       at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:317)
       at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
       at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
       at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110)
       at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:278)
       at org.eclipse.jetty.io.ssl.SslConnection$3.succeeded(SslConnection.java:148)
       at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110)
       at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
       at org.eclipse.jetty.util.thread.Invocable.invokePreferred(Invocable.java:128)
       at org.eclipse.jetty.util.thread.Invocable$InvocableExecutor.invoke(Invocable.java:222)
       at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:294)
       at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:199)
       at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
       at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
       at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)

            fbelzunc Félix Belzunce Arcos
            jobzombi Jonathan Burbano
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: