Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-49543

Refusing to marshal org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl on Old Apache TomCat 8.x versions

    Details

    • Similar Issues:

      Description

      Workaround: Update to Apache Tomcat 8.0.50 or above

      When saving on the configuration page for a user (http://cool.jenkins.url/user/user.name/configure) I get the following stack trace.

      Adding "-Dhudson.remoting.ClassFilter=org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl" fixes the issue.

      This seems to also be causing issues for workflow-cps-global-lib-plugin's local git repository.

      Stack Trace:

      java.lang.UnsupportedOperationException: Refusing to marshal org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl for security reasons; see https://jenkins.io/redirect/class-filter/
      	at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:543)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
      	at com.thoughtworks.xstream.converters.collections.AbstractCollectionConverter.writeItem(AbstractCollectionConverter.java:64)
      	at com.thoughtworks.xstream.converters.collections.CollectionConverter.marshal(CollectionConverter.java:74)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:84)
      	at hudson.util.RobustReflectionConverter.marshallField(RobustReflectionConverter.java:265)
      	at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:252)
      Caused: java.lang.RuntimeException: Failed to serialize hudson.model.User#properties for class hudson.model.User
      	at hudson.util.RobustReflectionConverter$2.writeField(RobustReflectionConverter.java:256)
      	at hudson.util.RobustReflectionConverter$2.visit(RobustReflectionConverter.java:224)
      	at com.thoughtworks.xstream.converters.reflection.PureJavaReflectionProvider.visitSerializableFields(PureJavaReflectionProvider.java:138)
      	at hudson.util.RobustReflectionConverter.doMarshal(RobustReflectionConverter.java:209)
      	at hudson.util.RobustReflectionConverter.marshal(RobustReflectionConverter.java:150)
      	at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
      	at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
      	at com.thoughtworks.xstream.core.TreeMarshaller.start(TreeMarshaller.java:82)
      	at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.marshal(AbstractTreeMarshallingStrategy.java:37)
      	at com.thoughtworks.xstream.XStream.marshal(XStream.java:1026)
      	at com.thoughtworks.xstream.XStream.marshal(XStream.java:1015)
      	at com.thoughtworks.xstream.XStream.toXML(XStream.java:988)
      	at hudson.XmlFile.write(XmlFile.java:193)
      Caused: java.io.IOException
      	at hudson.XmlFile.write(XmlFile.java:200)
      	at hudson.model.User.save(User.java:827)
      	at hudson.model.User.doConfigSubmit(User.java:901)
      	at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)
      	at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)
      	at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:77)
      	at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
      	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)
      	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)
      	at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
      	at org.kohsuke.stapler.MetaClass$5.doDispatch(MetaClass.java:248)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
      	at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:725)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
      	at org.jenkinsci.plugins.ssegateway.Endpoint$SSEListenChannelFilter.doFilter(Endpoint.java:225)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
      	at io.jenkins.blueocean.auth.jwt.impl.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:61)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
      	at io.jenkins.blueocean.ResourceCacheControl.doFilter(ResourceCacheControl.java:134)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
      	at com.smartcodeltd.jenkinsci.plugin.assetbundler.filters.LessCSS.doFilter(LessCSS.java:47)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
      	at jenkins.metrics.impl.MetricsFilter.doFilter(MetricsFilter.java:125)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
      	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:237)
      	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:214)
      	at net.bull.javamelody.PluginMonitoringFilter.doFilter(PluginMonitoringFilter.java:88)
      	at org.jvnet.hudson.plugins.monitoring.HudsonMonitoringFilter.doFilter(HudsonMonitoringFilter.java:114)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
      	at hudson.plugins.greenballs.GreenBallFilter.doFilter(GreenBallFilter.java:59)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
      	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:64)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
      	at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
      	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
      	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:616)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:534)
      	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1081)
      	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:658)
      	at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:222)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1566)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1523)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	at java.lang.Thread.run(Thread.java:745)
      

      Plugins

      ace-editor 1.1
      active-directory 2.6
      analysis-core 1.94
      ansicolor 0.5.2
      ant 1.8
      antisamy-markup-formatter 1.5
      apache-httpcomponents-client-4-api 4.5.3-2.1
      artifactory 2.14.0
      authentication-tokens 1.3
      aws-credentials 1.23
      aws-java-sdk 1.11.264
      blueocean 1.4.1
      blueocean-autofavorite 1.2.1
      blueocean-bitbucket-pipeline 1.4.1
      blueocean-commons 1.4.1
      blueocean-config 1.4.1
      blueocean-core-js 1.4.1
      blueocean-dashboard 1.4.1
      blueocean-display-url 2.2.0
      blueocean-events 1.4.1
      blueocean-git-pipeline 1.4.1
      blueocean-github-pipeline 1.4.1
      blueocean-i18n 1.4.1
      blueocean-jira 1.4.1
      blueocean-jwt 1.4.1
      blueocean-personalization 1.4.1
      blueocean-pipeline-api-impl 1.4.1
      blueocean-pipeline-editor 1.4.1
      blueocean-pipeline-scm-api 1.4.1
      blueocean-rest 1.4.1
      blueocean-rest-impl 1.4.1
      blueocean-web 1.4.1
      bouncycastle-api 2.16.2
      branch-api 2.0.18
      build-blocker-plugin 1.7.3
      build-failure-analyzer 1.19.2
      build-history-metrics-plugin 1.2
      build-monitor-plugin 1.12+build.201708172343
      build-token-root 1.4
      build-user-vars-plugin 1.5
      cloud-stats 0.16
      cloudbees-bitbucket-branch-source 2.2.9
      cloudbees-disk-usage-simple 0.9
      cloudbees-folder 6.3
      command-launcher 1.2
      conditional-buildstep 1.3.6
      config-autorefresh-plugin 1.0
      config-file-provider 2.17
      configurationslicing 1.47
      credentials 2.1.16
      credentials-binding 1.15
      custom-tools-plugin 0.5
      cvs 2.13
      display-url-api 2.2.0
      docker-commons 1.11
      docker-slaves 1.0.7
      docker-workflow 1.15
      dropdown-viewstabbar-plugin 1.7
      durable-task 1.17
      dynamicparameter 0.2.0
      email-ext 2.61
      extended-choice-parameter 0.76
      external-monitor-job 1.7
      extra-columns 1.18
      favorite 2.3.1
      flexible-publish 0.15.2
      fortify-on-demand-uploader 3.0.6
      ghprb 1.40.0
      git 3.7.0
      git-client 2.7.1
      git-server 1.7
      github 1.29.0
      github-api 1.90
      github-branch-source 2.3.2
      github-organization-folder 1.6
      google-oauth-plugin 0.5
      gradle 1.28
      greenballs 1.15
      groovy 2.0
      handlebars 1.1.1
      handy-uri-templates-2-api 2.1.6-1.0
      hipchat 2.1.1
      htmlpublisher 1.14
      icon-shim 2.0.3
      ivy 1.28
      jackson2-api 2.8.11.1
      jacoco 2.2.1
      javadoc 1.4
      jenkins-design-language 1.4.1
      jenkins-jira-plugin 3.1.0
      jenkinslint 0.14.0
      jira 2.5
      jira-steps 1.3.1
      jquery 1.12.4-0
      jquery-detached 1.2.1
      jquery-ui 1.0.2
      jsch 0.1.54.1
      junit 1.24
      kpp-management-plugin 1.0.0
      kubernetes 1.2
      kubernetes-credentials 0.3.0
      kubernetes-pipeline-aggregator 1.5
      kubernetes-pipeline-arquillian-steps 1.5
      kubernetes-pipeline-devops-steps 1.5
      kubernetes-pipeline-steps 1.5
      last-changes 2.6
      ldap 1.19
      ldapemail 0.8 false
      lockable-resources 2.1
      logstash 1.4.0
      mailer 1.20
      mapdb-api 1.0.9.0
      matrix-auth 2.2
      matrix-project 1.12
      maven-plugin 3.1
      mercurial 2.2
      metrics 3.1.2.10
      momentjs 1.1.1
      monitoring 1.71.0
      multiple-scms 0.6
      newrelic-deployment-notifier 1.3
      next-build-number 1.5
      nodejs 1.2.4
      oauth-credentials 0.3
      pam-auth 1.3
      parameter-pool 1.0.3
      parameter-separator 1.0
      parameterized-trigger 2.35.2
      persistent-parameter 1.1
      pipeline-build-step 2.7
      pipeline-github-lib 1.0
      pipeline-graph-analysis 1.6
      pipeline-input-step 2.8
      pipeline-maven 3.3.0
      pipeline-milestone-step 1.3.1
      pipeline-model-api 1.2.7
      pipeline-model-declarative-agent 1.1.1
      pipeline-model-definition 1.2.7
      pipeline-model-extensions 1.2.7
      pipeline-rest-api 2.9
      pipeline-stage-step 2.3
      pipeline-stage-tags-metadata 1.2.7
      pipeline-stage-view 2.9
      pipeline-utility-steps 1.5.1
      plain-credentials 1.4
      play-autotest-plugin 1.0.2
      port-allocator 1.8
      publish-over 0.21
      publish-over-ssh 1.18
      pubsub-light 1.12
      quality-gates 2.5
      resource-disposer 0.8
      restification 1.1.1
      ruby 1.2
      ruby-runtime 0.13
      run-condition 1.0
      rvm 0.6
      saferestart 0.3
      sauce-ondemand 1.171
      scm-api 2.2.6
      script-security 1.41
      scriptler 2.9
      sidebar-link 1.9.1
      sonar 2.6.1
      sse-gateway 1.15
      ssh-agent 1.15
      ssh-credentials 1.13
      ssh-slaves 1.25.1
      structs 1.13
      subversion 2.10.2
      test-stability 2.3
      thinBackup 1.9
      timestamper 1.8.9
      token-macro 2.3
      variant 1.1
      versioncolumn 2.0
      warnings 4.65
      windows-slaves 1.3.1
      workflow-aggregator 2.5
      workflow-api 2.25
      workflow-basic-steps 2.6
      workflow-cps 2.44
      workflow-cps-global-lib 2.9
      workflow-durable-task-step 2.18
      workflow-job 2.17
      workflow-multibranch 2.17
      workflow-scm-step 2.6
      workflow-step-api 2.14
      workflow-support 2.18
      ws-cleanup 0.34
      yet-another-docker-plugin 0.1.0-rc47

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jglick Jesse Glick
                Reporter:
                notanother Tim McNally
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: