Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Hudson » Migration to 3.0 - security problem(Hudson does not even start)
icon9.gif  Migration to 3.0 - security problem [message #1014706] Tue, 26 February 2013 05:16 Go to next message
k z is currently offline k z
Messages: 71
Registered: October 2012
Member
Hi,

I have tried migration to V3.0 on our test environment and got plenty of exceptions.I won't put other than security problems here in order not to pollute this thread. SetupInit page was displayed and installed all updates. After that when Hudson was loading, I got Tomcat exception page. hudson-security.xml was created. Hudson is started even though Tomcat displays only exception. New log entries are added (SCM Polling) to the log file
When I changed useSecurity from true to false in this file I was able see Hudson in Tomcat but obviously security was disabled.
Env:
Tomcat
Hudson 2.2.0
Hudson Active Directory plugin - 1.17
Role-based Authorization Strategy - 1.1.2

Part of the Hudson log which I think is related

INFO: Home directory: /home/tomcat6/.hudson
Feb 26, 2013 10:13:05 AM hudson.util.RobustReflectionConverter doUnmarshal
WARNING: Skipping a non-existent type com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy
Feb 26, 2013 10:13:05 AM hudson.util.RobustReflectionConverter doUnmarshal
WARNING: Skipping a non-existent type hudson.plugins.active_directory.ActiveDirectorySecurityRealm
Feb 26, 2013 10:13:05 AM org.eclipse.hudson.security.HudsonSecurityManager load
SEVERE: Failed to load /home/tomcat6/.hudson/hudson-security.xml
hudson.util.IOException2: Unable to read /home/tomcat6/.hudson/hudson-security.xml
	at hudson.XmlFile.unmarshal(XmlFile.java:140)
	at org.eclipse.hudson.security.HudsonSecurityManager.load(HudsonSecurityManager.java:366)
	at org.eclipse.hudson.security.HudsonSecurityManager.<init>(HudsonSecurityManager.java:143)
	at org.eclipse.hudson.HudsonServletContextListener.contextInitialized(HudsonServletContextListener.java:206)
	at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4206)
	at org.apache.catalina.core.StandardContext.start(StandardContext.java:4705)
	at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:799)
	at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:779)
	at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:601)
	at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:943)
	at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:778)
	at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:504)
	at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1315)
	at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:324)
	at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:142)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1061)
	at org.apache.catalina.core.StandardHost.start(StandardHost.java:840)
	at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
	at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
	at org.apache.catalina.core.StandardService.start(StandardService.java:525)
	at org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
	at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:616)
	at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
	at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: com.thoughtworks.xstream.converters.ConversionException: null : null
---- Debugging information ----
cause-exception     : java.lang.NullPointerException
cause-message       : null
class               : org.eclipse.hudson.security.HudsonSecurityManager
required-type       : org.eclipse.hudson.security.HudsonSecurityManager
converter-type      : hudson.util.RobustReflectionConverter
path                : /hudsonSecurityManager
line number         : 670
version             : null
-------------------------------
	at com.thoughtworks.xstream.core.TreeUnmarshaller.convert(TreeUnmarshaller.java:79)
	at com.thoughtworks.xstream.core.AbstractReferenceUnmarshaller.convert(AbstractReferenceUnmarshaller.java:65)
	at com.thoughtworks.xstream.core.TreeUnmarshaller.convertAnother(TreeUnmarshaller.java:66)
	at com.thoughtworks.xstream.core.TreeUnmarshaller.convertAnother(TreeUnmarshaller.java:50)
	at com.thoughtworks.xstream.core.TreeUnmarshaller.start(TreeUnmarshaller.java:134)
	at com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.unmarshal(AbstractTreeMarshallingStrategy.java:32)
	at com.thoughtworks.xstream.XStream.unmarshal(XStream.java:1034)
	at hudson.util.XStream2.unmarshal(XStream2.java:76)
	at com.thoughtworks.xstream.XStream.unmarshal(XStream.java:1018)
	at hudson.XmlFile.unmarshal(XmlFile.java:136)
	... 27 more
Caused by: java.lang.NullPointerException
	at hudson.diagnosis.OldDataMonitor.report(OldDataMonitor.java:185)
	at hudson.util.RobustReflectionConverter.doUnmarshal(RobustReflectionConverter.java:264)
	at hudson.util.RobustReflectionConverter.unmarshal(RobustReflectionConverter.java:173)
	at com.thoughtworks.xstream.core.TreeUnmarshaller.convert(TreeUnmarshaller.java:72)
	... 36 more
Feb 26, 2013 10:13:11 AM hudson.util.CharacterEncodingFilter init
INFO: CharacterEncodingFilter initialized. DISABLE_FILTER: false FORCE_ENCODING: false
Feb 26, 2013 10:13:11 AM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080


However, later on, both security plugins seems to be loaded successfully

Inspecting:
...
Feb 26, 2013 10:13:17 AM hudson.model.Hudson$5 onAttained
INFO: Attained Inspecting plugin /home/tomcat6/.hudson/plugins/role-strategy.hpi
Feb 26, 2013 10:13:17 AM hudson.model.Hudson$5 onAttained
INFO: Attained Inspecting plugin /home/tomcat6/.hudson/plugins/active-directory.hpi
2013 10:13:22 AM hudson.PluginManager$2$1$1 run
...
Loading:
...
INFO: Loading plugin - role-strategy
Feb 26, 2013 10:13:22 AM hudson.model.Hudson$5 onAttained
INFO: Attained Loading plugin role-strategy
Feb 26, 2013 10:13:22 AM hudson.PluginManager$2$1$1 run
INFO: Loading plugin - active-directory
Feb 26, 2013 10:13:22 AM hudson.model.Hudson$5 onAttained
INFO: Attained Loading plugin active-directory
...
Initializing:
...
Feb 26, 2013 10:13:46 AM hudson.model.Hudson$5 onAttained
INFO: Attained Initializing plugin role-strategy
Feb 26, 2013 10:13:46 AM hudson.model.Hudson$5 onAttained
INFO: Attained Initializing plugin active-directory
...


Despite the exceptions, Hudson pooling mechanism is working adding new entries (with same security exceptons) to the log

Feb 26, 2013 10:48:43 AM hudson.triggers.SCMTrigger$Runner runPolling
SEVERE: Failed to record SCM polling
java.lang.AbstractMethodError: hudson.security.SidACL.hasPermission(Lorg/springframework/security/acls/sid/Sid;Lhudson/security/Permission;)Ljava/lang/Boolean;
	at hudson.security.SidACL$1.hasPermission(SidACL.java:146)
	at hudson.security.SidACL._hasPermission(SidACL.java:67)
	at hudson.security.SidACL.hasPermission(SidACL.java:45)
	at hudson.security.ACL.hasPermission(ACL.java:55)
	at hudson.model.AbstractItem.hasPermission(AbstractItem.java:369)
	at hudson.model.Hudson.getItems(Hudson.java:1191)
	at hudson.model.Hudson.getItems(Hudson.java:220)
	at hudson.model.Hudson.getAllItems(Hudson.java:1247)
	at hudson.model.Job.getCascadingProject(Job.java:1690)
	at hudson.model.Job.hasCascadingProject(Job.java:1702)
	at org.eclipse.hudson.model.project.property.BaseProjectProperty.getCascadingValue(BaseProjectProperty.java:95)
	at org.eclipse.hudson.model.project.property.BaseProjectProperty.getValue(BaseProjectProperty.java:120)
	at hudson.util.DescribableListUtil.convertToDescribableList(DescribableListUtil.java:166)
	at hudson.util.DescribableListUtil.convertToDescribableList(DescribableListUtil.java:147)
	at hudson.model.BaseBuildableProject.getBuildWrappersList(BaseBuildableProject.java:219)
	at hudson.model.AbstractBuild.getBuildVariables(AbstractBuild.java:832)
	at hudson.model.AbstractBuild.getBuildVariableResolver(AbstractBuild.java:851)
	at hudson.model.ParametersAction.createVariableResolver(ParametersAction.java:97)
	at hudson.model.ParametersAction.substitute(ParametersAction.java:81)
	at hudson.scm.SubversionSCM$ModuleLocation.getExpandedRemote(SubversionSCM.java:2476)
	at hudson.scm.SubversionSCM$ModuleLocation.getExpandedLocation(SubversionSCM.java:2508)
	at hudson.scm.SubversionSCM.getLocations(SubversionSCM.java:423)
	at hudson.scm.SubversionSCM.repositoryLocationsNoLongerExist(SubversionSCM.java:2271)
	at hudson.scm.SubversionSCM.compareRemoteRevisionWith(SubversionSCM.java:1105)
	at hudson.scm.SCM._compareRemoteRevisionWith(SCM.java:353)
	at hudson.scm.SCM.poll(SCM.java:371)
	at hudson.model.AbstractProject.poll(AbstractProject.java:1649)
	at hudson.triggers.SCMTrigger$Runner.runPolling(SCMTrigger.java:438)
	at hudson.triggers.SCMTrigger$Runner.run(SCMTrigger.java:468)
	at hudson.util.SequentialExecutionQueue$QueueEntry.run(SequentialExecutionQueue.java:133)
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
	at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
	at java.util.concurrent.FutureTask.run(FutureTask.java:166)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
	at java.lang.Thread.run(Thread.java:679)

Tomcat exception:
exception

javax.servlet.ServletException: Servlet execution threw an exception
	hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:86)
	org.hudsonci.servlets.internal.ServletRegistrationFilterAdapter.doFilter(ServletRegistrationFilterAdapter.java:162)
	org.hudsonci.servlets.internal.ServletRegistrationFilterAdapter.doFilter(ServletRegistrationFilterAdapter.java:134)
	hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:89)
	org.hudsonci.servlets.internal.ServletRegistrationFilterAdapter.doFilter(ServletRegistrationFilterAdapter.java:162)
	org.hudsonci.servlets.internal.ServletRegistrationFilterAdapter.doFilter(ServletRegistrationFilterAdapter.java:134)
	hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:89)
	hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:78)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:81)
	hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:45)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.ui.ExceptionTranslationFilter.doFilterHttp(ExceptionTranslationFilter.java:101)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.providers.anonymous.AnonymousProcessingFilter.doFilterHttp(AnonymousProcessingFilter.java:105)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.ui.rememberme.RememberMeProcessingFilter.doFilterHttp(RememberMeProcessingFilter.java:109)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:278)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.ui.basicauth.BasicProcessingFilter.doFilterHttp(BasicProcessingFilter.java:174)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:73)
	hudson.security.HudsonFilter.doFilter(HudsonFilter.java:157)
	hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:70)


Tomcat root cause
root cause

java.lang.AbstractMethodError: hudson.security.SidACL.hasPermission(Lorg/springframework/security/acls/sid/Sid;Lhudson/security/Permission;)Ljava/lang/Boolean;
	hudson.security.SidACL._hasPermission(SidACL.java:67)
	hudson.security.SidACL.hasPermission(SidACL.java:45)
	hudson.security.ACL.checkPermission(ACL.java:44)
	hudson.model.Node.checkPermission(Node.java:351)
	hudson.model.Hudson.getTarget(Hudson.java:3427)
	org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:500)
	org.kohsuke.stapler.Stapler.invoke(Stapler.java:650)
	org.kohsuke.stapler.Stapler.invoke(Stapler.java:481)
	org.kohsuke.stapler.Stapler.service(Stapler.java:152)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:86)
	org.hudsonci.servlets.internal.ServletRegistrationFilterAdapter.doFilter(ServletRegistrationFilterAdapter.java:162)
	org.hudsonci.servlets.internal.ServletRegistrationFilterAdapter.doFilter(ServletRegistrationFilterAdapter.java:134)
	hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:89)
	org.hudsonci.servlets.internal.ServletRegistrationFilterAdapter.doFilter(ServletRegistrationFilterAdapter.java:162)
	org.hudsonci.servlets.internal.ServletRegistrationFilterAdapter.doFilter(ServletRegistrationFilterAdapter.java:134)
	hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:89)
	hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:78)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:81)
	hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:45)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.ui.ExceptionTranslationFilter.doFilterHttp(ExceptionTranslationFilter.java:101)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.providers.anonymous.AnonymousProcessingFilter.doFilterHttp(AnonymousProcessingFilter.java:105)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.ui.rememberme.RememberMeProcessingFilter.doFilterHttp(RememberMeProcessingFilter.java:109)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:278)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.ui.basicauth.BasicProcessingFilter.doFilterHttp(BasicProcessingFilter.java:174)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235)
	org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:73)
	hudson.security.HudsonFilter.doFilter(HudsonFilter.java:157)
	hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:70)

Re: Migration to 3.0 - security problem [message #1014707 is a reply to message #1014706] Tue, 26 February 2013 05:19 Go to previous messageGo to next message
Reinhard Nägele is currently offline Reinhard Nägele
Messages: 23
Registered: January 2013
Junior Member
See this thread http://www.eclipse.org/forums/index.php/t/446593/. You need to update the Active Directory plugin.
Re: Migration to 3.0 - security problem [message #1014714 is a reply to message #1014707] Tue, 26 February 2013 05:34 Go to previous messageGo to next message
k z is currently offline k z
Messages: 71
Registered: October 2012
Member
Hi,
I think it is already updated to the latest version. I quess it was done on InitSetup page. If I disable security and go to the Plugin Hudson Mnager page, Active Directory plugin is marked as installed (1.31-h1). There is also button 'Downgrade to 1.17'. Is it possible that I still have an old version? How did you update it?
Re: Migration to 3.0 - security problem [message #1014721 is a reply to message #1014714] Tue, 26 February 2013 05:45 Go to previous messageGo to next message
Reinhard Nägele is currently offline Reinhard Nägele
Messages: 23
Registered: January 2013
Junior Member
You had mentioned 1.17, thus my post. The latest version is 1.31-h1. So this should be ok. The permissions problems might be related to the Role-based Authorization Plugin.
Re: Migration to 3.0 - security problem [message #1014730 is a reply to message #1014721] Tue, 26 February 2013 06:01 Go to previous messageGo to next message
k z is currently offline k z
Messages: 71
Registered: October 2012
Member
1.17 was the version when I started migration and when the migration was finished, it was aleady 1.31-h1. It was updated during initSetup, at least I would expect that. initSetup.xml only says "Hudson 3.0 Initial Setup Done" and plugin manager displays 1.31-h1. Anyway Role-based Authorization Strategy kept its original version - 1.1.2. Do you have a different version?
Re: Migration to 3.0 - security problem [message #1015117 is a reply to message #1014730] Wed, 27 February 2013 09:07 Go to previous messageGo to next message
k z is currently offline k z
Messages: 71
Registered: October 2012
Member
After further investigation it turned out that Role-based Authorization Strategy (1.1.2 - latest version) does not work with Hudson 3.0.0 at all. Could you please fix that?

java.lang.NoClassDefFoundError: org/acegisecurity/acls/sid/PrincipalSid

[Updated on: Wed, 27 February 2013 09:47]

Report message to a moderator

Re: Migration to 3.0 - security problem [message #1015174 is a reply to message #1015117] Wed, 27 February 2013 11:29 Go to previous messageGo to next message
Winston Prakash is currently offline Winston Prakash
Messages: 391
Registered: August 2011
Location: Fremont, CA USA
Senior Member
Hi K.Z, The hudson-security.xml is read twice. Before all the plugins are loaded (this is for securing the initial setup, if security was already setup) and after all the plugins are installed (this is to make sure, security provided by plugins are loaded correctly. Unfortunately, if the security comes from pugin, it would through exception in the initial attempt, but succeeds in the second attempt. I will look in to this for next version.

I will fix the Role-based Authorization Strategy plugin and release a version as soon as possible.


Winston Prakash
Eclipse Hudson team
Re: Migration to 3.0 - security problem [message #1020612 is a reply to message #1015174] Mon, 18 March 2013 11:09 Go to previous messageGo to next message
k z is currently offline k z
Messages: 71
Registered: October 2012
Member
Hi,

When can we expect Role-based Authorization Strategy plugin working? Lack of this plugin is effectivly holding us back from migrating to Hudson 3.x.

Regards!
Re: Migration to 3.0 - security problem [message #1020765 is a reply to message #1020612] Mon, 18 March 2013 18:07 Go to previous messageGo to next message
Winston Prakash is currently offline Winston Prakash
Messages: 391
Registered: August 2011
Location: Fremont, CA USA
Senior Member
HiK.Z, Sorry about the delay. We were busy with the 3.0.1 release, which happened today. I'm looking at the Role-based Authorization Strategy plugin now.

Winston Prakash
Eclipse Hudson team
icon12.gif  Re: Migration to 3.0 - security problem [message #1020781 is a reply to message #1020765] Mon, 18 March 2013 18:38 Go to previous messageGo to next message
Winston Prakash is currently offline Winston Prakash
Messages: 391
Registered: August 2011
Location: Fremont, CA USA
Senior Member
Updated Role-based Authorization Strategy plugin to 1.1.3-h-1 in the Plugin Central. Be sure to refresh your Plugin Center in Hudson (if it is already running) and install it and let me know if it works for you.

Winston Prakash
Eclipse Hudson team

[Updated on: Mon, 18 March 2013 18:38]

Report message to a moderator

Re: Migration to 3.0 - security problem [message #1032705 is a reply to message #1020781] Wed, 03 April 2013 06:20 Go to previous messageGo to next message
Ireneusz Grala is currently offline Ireneusz Grala
Messages: 10
Registered: March 2013
Junior Member
Hi. I've checked role stategy plugin in hudson 3.0.1. and reported a bug https://bugs.eclipse.org/bugs/show_bug.cgi?id=404794

Short description of a problem.

It seems that role-strategy pluging doesn't save settings made from hudson UI. After adding a new role I've checked hudson-security file. There was no entry describing newly added role.
Re: Migration to 3.0 - security problem [message #1032993 is a reply to message #1032705] Wed, 03 April 2013 14:34 Go to previous messageGo to next message
Winston Prakash is currently offline Winston Prakash
Messages: 391
Registered: August 2011
Location: Fremont, CA USA
Senior Member
We are looking in to this issue

Winston Prakash
Eclipse Hudson team
Re: Migration to 3.0 - security problem [message #1041490 is a reply to message #1032993] Mon, 15 April 2013 03:01 Go to previous messageGo to next message
Ireneusz Grala is currently offline Ireneusz Grala
Messages: 10
Registered: March 2013
Junior Member
Hello, I've found another issue with hudson security. Hudson doesn't save port settings for jnlp connection in hudson security. I've reported a new bug https://bugs.eclipse.org/bugs/show_bug.cgi?id=405684

Best regards
Irek
Re: Migration to 3.0 - security problem [message #1288138 is a reply to message #1041490] Tue, 08 April 2014 06:03 Go to previous messageGo to next message
Lukasz Jader is currently offline Lukasz Jader
Messages: 30
Registered: October 2013
Member
When bug reported by Ireneusz (Hudson security doesn't save jnlp port settings) will be fixed?
Re: Migration to 3.0 - security problem [message #1288179 is a reply to message #1288138] Tue, 08 April 2014 06:40 Go to previous message
Geoff Waymark is currently offline Geoff Waymark
Messages: 22
Registered: July 2012
Junior Member
Hi Lukasz,

This was discussed yesterday in the Hudson Community Meeting.

https://wiki.eclipse.org/Hudson-ci/community_meetings/April072014

It's on the fix list for 3.2.0, as we are upgrading security as part of the 3.2.0 effort. More details on the link.

Once it's fixed are you interested in verifying the change?

Thanks,
Geoff

[Updated on: Tue, 08 April 2014 06:44]

Report message to a moderator

Previous Topic:Classpath in Hudson
Next Topic:Need help configuring Hudson for SSL with Git/Gerrit
Goto Forum:
  


Current Time: Tue Jul 29 17:04:58 EDT 2014

Powered by FUDForum. Page generated in 0.02160 seconds