jenkinssvnldapjenkins-plugins
Jenkins administratively disabled user in LDAP causing false negatives
We updated/reinstalled our companys Jenkins and ran into false negatives caused by LDAP + an administratively disabled user. At first I thought it's caused by our mail-notifications and ldap cant get the email of this user, but I disabled all notifications and the problem still occurs.
Everytime a build is triggered by SVN and the administratively disabled user is inside of the commit-list, we get a false negative. We are getting visual bugs, when the user is inside the list of changes.
Log right before the error:
...
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 14:28 min
[INFO] Finished at: 2024-04-16T09:34:13+02:00
...
followed by:
FATAL: org.springframework.security.authentication.DisabledException: The user "userxyz" is administratively disabled.
org.springframework.security.authentication.DisabledException: The user "userxyz" is administratively disabled.
at hudson.security.UserAttributesHelper.checkIfUserEnabled(UserAttributesHelper.java:92)
at hudson.security.LDAPSecurityRealm$LDAPUserDetailsService.loadUserByUsername(LDAPSecurityRealm.java:1319)
at hudson.security.LDAPSecurityRealm$DelegateLDAPUserDetailsService.loadUserByUsername(LDAPSecurityRealm.java:1232)
at hudson.security.LDAPSecurityRealm.loadUserByUsername2(LDAPSecurityRealm.java:765)
at jenkins.security.UserDetailsCache$Retriever.call(UserDetailsCache.java:170)
at jenkins.security.UserDetailsCache$Retriever.call(UserDetailsCache.java:159)
at com.google.common.cache.LocalCache$LocalManualCache$1.load(LocalCache.java:4955)
at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3589)
at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2328)
at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2187)
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2081)
Caused: com.google.common.util.concurrent.UncheckedExecutionException
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2087)
at com.google.common.cache.LocalCache.get(LocalCache.java:4036)
at com.google.common.cache.LocalCache$LocalManualCache.get(LocalCache.java:4950)
at jenkins.security.UserDetailsCache.loadUserByUsername(UserDetailsCache.java:127)
at hudson.model.User$UserIDCanonicalIdResolver.resolveCanonicalId(User.java:1262)
at hudson.model.User$CanonicalIdResolver.resolve(User.java:1203)
at hudson.model.User.get(User.java:530)
at hudson.model.User.getOrCreateByIdOrFullName(User.java:593)
at hudson.model.User.get(User.java:574)
at hudson.scm.SubversionChangeLogSet$LogEntry.setUser(SubversionChangeLogSet.java:305)
at hudson.scm.SubversionChangeLogParser.parse(SubversionChangeLogParser.java:92)
at hudson.scm.SubversionChangeLogParser.parse(SubversionChangeLogParser.java:43)
at hudson.scm.ChangeLogParser.parse(ChangeLogParser.java:57)
at hudson.model.AbstractBuild.calcChangeSet(AbstractBuild.java:947)
at hudson.model.AbstractBuild.getChangeSet(AbstractBuild.java:915)
at hudson.model.AbstractBuild.getChangeSets(AbstractBuild.java:929)
at jenkins.scm.RunWithSCM.calculateCulprits(RunWithSCM.java:136)
at hudson.model.AbstractBuild.calculateCulprits(AbstractBuild.java:353)
at jenkins.scm.RunWithSCM.getCulprits(RunWithSCM.java:93)
at hudson.model.AbstractBuild.getCulprits(AbstractBuild.java:342)
at jenkins.scm.RunWithSCM.calculateCulprits(RunWithSCM.java:133)
at hudson.model.AbstractBuild.calculateCulprits(AbstractBuild.java:353)
at jenkins.scm.RunWithSCM.getCulprits(RunWithSCM.java:93)
at hudson.model.AbstractBuild.getCulprits(AbstractBuild.java:342)
at jenkins.scm.RunWithSCM.calculateCulprits(RunWithSCM.java:133)
at hudson.model.AbstractBuild.calculateCulprits(AbstractBuild.java:353)
at jenkins.scm.RunWithSCM.getCulprits(RunWithSCM.java:93)
at hudson.model.AbstractBuild.getCulprits(AbstractBuild.java:342)
at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:715)
at hudson.model.Run.execute(Run.java:1918)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:44)
at hudson.model.ResourceController.execute(ResourceController.java:101)
at hudson.model.Executor.run(Executor.java:442)
I tried:
- disabled all notifications (email, irc, webhook)
- updated all plugins
- checked my LDAP settings (same as before reinstall)
Is there a way to ignore this user? Is the problem caused by LDAP, SVN or both in combination?
Edit:
Found an old entry addressing the same problem Jenkins Jira
Solution
I am now answering my own question, but maybe my solution can help someone. In short, patch the plugin by yourself. GitHub SVN-Plugin
try-catch in SubversionChangeLogSet (Line 305) & SubversionChangeLogParser (Line 92)
Steps
- Visit the GitHub of the subversion-plugin Link
- Clone Project
- Open Project
- add
try-catchinSubversionChangeLogSet(L. 305) &SubversionChangeLogParser(L. 92) - generate .hpi
- install plugin via
[YOUR_JENKINS_URL]/manage/pluginManager/advanced - Deploy + safeRestart
- Jenkins giving error while cloning from gitHub
- Configure Maven installation in Jenkins per individual job
- How to run a PowerShell script as a job in Jenkins
- Jenkins Pipeline Error: "Selected Git installation does not exist."
- Why do I still getting error, Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock?
- How can I test a change made to Jenkinsfile locally?
- Build History Missing in Jenkins
- Jenkins Blue Ocean Plugin fails to connect to GitHub
- Jenkins: trending graph for build step time
- Deleting Jenkins jobs through GUI does not delete their workspaces in slaves
- Sonarqube: Missing blame information for the following files
- Jenkins disableConcurrentBuilds have multiple builds in queue
- Get Jenkins upstream jobs
- How do I write multiple functions in one file?
- Is it possible to have a Jenkins parameter's name with spaces in it?
- Bash: Store return value in variable and throw error later
- Jenkins ssh remote host connection fails
- executing job disabling through groovy
- Automatic build on Jenkins initiated from GitHub. Not working. 502 returned
- Jenkinsfile won't substitute ${USERNAME} with actual username
- Cannot open excel through Jenkins
- Git fails Checking out Revision on jenkins
- How do you label flaky tests using junit?
- Not able to open JenkinsUI from slave machine when jenkins is installed via war package on master
- Excel does not become visible when the VBScript is triggered via Jenkins
- Maven sure fire started to fail suddenly
- How to move an existing job from one view to another in Jenkins?
- When using Jenkins/Newman/Postman how do you protect the client_id/client_secret credentials?
- How to return stdout and stderr together with the status from a Jenkins Pipeline sh script step
- What's the difference between depth and shallow options when cloning with Git plugin in Jenkins