[
https://issues.jenkins-ci.org/browse/JENKINS-1684?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thorsten Löber reopened JENKINS-1684:
-------------------------------------
Currently exactly the same happens to us again.
> 403 errors on project configuration with matrix-based security
> --------------------------------------------------------------
>
> Key: JENKINS-1684
> URL: https://issues.jenkins-ci.org/browse/JENKINS-1684
> Project: Jenkins
> Issue Type: Bug
> Components: security
> Affects Versions: current
> Environment: Platform: All, OS: All
> Reporter: shamoh
> Priority: Critical
> Attachments: 0-hudson-developer-permissions.png,
> 1-hudson-developer-new_job.png, 2-hudson-developer-job_edit.png,
> screenshot-1.jpg
>
>
> Kirk True <kt...@linkedin.com> wrote to mailing list:
> --
> Hi all,
> We're running 1.198 and are trying to switch over to matrix-based security,
> but
> we're seeing some issues.
> I have defined a user that has all permissions (job create, configure, etc.)
> *except* Administer (under the "Overall" section).
> When that user views an existing job configuration screen, we see the
> following
> error under the "Repository URL" and "Repository browser" URL sections:
> Status Code: 403
> Exception:
> Stacktrace:
> (none)
> Attempting to save the configuration as this user doesn't work either as we
> get
> the same 403 error on a screen all by itself. However, nothing seems to show
> up
> in the logs.
> When that user attempts to create a new job, we get a new job configuration
> screen (which has the same ‘403’ error right under the new job name), but this
> time I see some output in the logs:
> [webapp 2008/05/05 22:31:09] - Error while serving
> http://hudson.qa.linkedin.com:8080null
> java.lang.reflect.InvocationTargetException
> at sun.reflect.GeneratedMethodAccessor748.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:103)
> at org.kohsuke.stapler.Function.bindAndinvoke(Function.java:57)
> at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:69)
> at
> org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:30)
> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:365)
> at org.kohsuke.stapler.MetaClass$9.doDispatch(MetaClass.java:248)
> at
> org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:30)
> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:365)
> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:301)
> at org.kohsuke.stapler.Stapler.service(Stapler.java:98)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:45)
> at
> winstone.ServletConfiguration.execute(ServletConfiguration.java:249)
> at winstone.RequestDispatcher.forward(RequestDispatcher.java:335)
> at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:378)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:52)
> at
> hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:28)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:166)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:44)
> at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:85)
> at winstone.FilterConfiguration.execute(FilterConfiguration.java:195)
> at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368)
> at winstone.RequestDispatcher.forward(RequestDispatcher.java:333)
> at
> winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244)
> at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
> at java.lang.Thread.run(Thread.java:595)
> Caused by: java.lang.IllegalStateException: OutputStream already committed
> at winstone.WinstoneResponse.sendRedirect(WinstoneResponse.java:723)
> at
> javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:70)
> at
> org.acegisecurity.context.HttpSessionContextIntegrationFilter$OnRedirectUpdateSessionResponseWrapper.sendRedirect(HttpSessionContextIntegrationFilter.java:525)
> at
> javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:70)
> at hudson.model.Job.doConfigSubmit(Job.java:738)
> at
> hudson.model.AbstractProject.doConfigSubmit(AbstractProject.java:292)
> ... 40 more
> [Winstone 2008/05/05 22:31:09] - Untrapped Error in Servlet
> java.lang.IllegalStateException: OutputStream already committed
> at winstone.WinstoneResponse.sendRedirect(WinstoneResponse.java:723)
> at
> javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:70)
> at
> org.acegisecurity.context.HttpSessionContextIntegrationFilter$OnRedirectUpdateSessionResponseWrapper.sendRedirect(HttpSessionContextIntegrationFilter.java:525)
> at
> javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:70)
> at hudson.model.Job.doConfigSubmit(Job.java:738)
> at
> hudson.model.AbstractProject.doConfigSubmit(AbstractProject.java:292)
> at sun.reflect.GeneratedMethodAccessor748.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:103)
> at org.kohsuke.stapler.Function.bindAndinvoke(Function.java:57)
> at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:69)
> at
> org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:30)
> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:365)
> at org.kohsuke.stapler.MetaClass$9.doDispatch(MetaClass.java:248)
> at
> org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:30)
> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:365)
> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:301)
> at org.kohsuke.stapler.Stapler.service(Stapler.java:98)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:45)
> at
> winstone.ServletConfiguration.execute(ServletConfiguration.java:249)
> at winstone.RequestDispatcher.forward(RequestDispatcher.java:335)
> at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:378)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:52)
> at
> hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:28)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:166)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:44)
> at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:85)
> at winstone.FilterConfiguration.execute(FilterConfiguration.java:195)
> at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368)
> at winstone.RequestDispatcher.forward(RequestDispatcher.java:333)
> at
> winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244)
> at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
> at java.lang.Thread.run(Thread.java:595)
> javax.servlet.ServletException: OutputStream already committed
> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:374)
> at org.kohsuke.stapler.MetaClass$9.doDispatch(MetaClass.java:248)
> at
> org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:30)
> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:365)
> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:301)
> at org.kohsuke.stapler.Stapler.service(Stapler.java:98)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:45)
> at
> winstone.ServletConfiguration.execute(ServletConfiguration.java:249)
> at winstone.RequestDispatcher.forward(RequestDispatcher.java:335)
> at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:378)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:52)
> at
> hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:28)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:166)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
> at
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
> at
> hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:44)
> at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:85)
> at winstone.FilterConfiguration.execute(FilterConfiguration.java:195)
> at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368)
> at winstone.RequestDispatcher.forward(RequestDispatcher.java:333)
> at
> winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244)
> at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
> at java.lang.Thread.run(Thread.java:595)
> Any ideas?
> Kirk
> --
> I have same problem with last version of Hudson 1.213.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
