javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission

Jenkins JIRA | Thomas A. F. Thorne | 1 year ago
  1. 0

    Jenkins - reconfiguring security access permissions

    Stack Overflow | 2 years ago
    javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission
  2. 0

    I connected to the Jenkins server. Went to configuration. Clicked the setup security option and chose _Unix user/group database_, _Logged-in users can do anything_ (read only for everyone else). When I clicked the save button I was taken to a page that presented me with the following message: ---- Oops! A problem occurred while processing the request. Please check our bug tracker to see if a similar problem has already been reported. If it is already reported, please vote and put a comment on it to let us gauge the impact of the problem. If you think this is a new issue, please file a new issue. When you file an issue, make sure to add the entire stack trace, along with the version of Jenkins and relevant plugins. The users list might be also useful in understanding what has happened. Stack trace javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:796) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:123) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:114) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745) Caused by: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at hudson.security.ACL.checkPermission(ACL.java:63) at hudson.model.Node.checkPermission(Node.java:441) at jenkins.security.s2m.AdminWhitelistRule.setMasterKillSwitch(AdminWhitelistRule.java:210) at jenkins.security.s2m.MasterKillSwitchConfiguration.configure(MasterKillSwitchConfiguration.java:40) at hudson.security.GlobalSecurityConfiguration.configureDescriptor(GlobalSecurityConfiguration.java:126) at hudson.security.GlobalSecurityConfiguration.configure(GlobalSecurityConfiguration.java:115) at hudson.security.GlobalSecurityConfiguration.doConfigure(GlobalSecurityConfiguration.java:79) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:121) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) ... 47 more ---- I tried to search for this issue but I could not get any hits from parts of the first line and if I put the whole text in things started to complain about tabs being unescaped and needing replaced with \t. I also tried to search the user and dev lists but nothing was returned when I searched for the first line. A quick internet search only turned up [http://stackoverflow.com/questions/30279853/jenkins-reconfiguring-security-access-permissions A StackOverflow question on Jenkins - reconfiguring security access permissions] which may provide a way to get me back to no security if needed by setting: <useSecurity>false</useSecurity> in /var/lib/jenkis/config.xml Browsing back to the main dashboard in Jenkin's does not allow me to make any changes, which is as expected if I am not logged in. I then try to login with my unix credentials local to that machine and I am rejected. That would pose another problem, but I am able to revert the behaviour by setting useSecurity to false and restarting the jenkins service. If I try to reproduce the issue but leave the *Authorization* field set to _Anyone can do anything_ I do not see the error repeat. +Work Around+ If after trying the above I set _Logged-in users can do anything_ and click save I do not see a problem (other than I cannot login). +Would Working Security Help?+ If I reset again and click the *Test* button I get a message stating "User 'jenkins' needs to belong to group shadow to read /etc/shadow". Fixing this might also work around the issue: $ sudo adduser jenkins shadow Adding user `jenkins' to group `shadow' ... Adding user jenkins to group shadow Done. $ sudo service jenkins restart #Equivilent of user logout & login Login and press Test. This now reports success. Howerver the issue is still reproducable ---- javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:796) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) ... ---- So a working or nonworking security method still hits the stack trace. I am able to login to the system as me after this though, so it is not so bad as the completely foolish thing I did before. +Reproduction+ If I try to repeat the setting of _Unix user/group database_ and _Logged-in users can do anything_ I seem able to reliably cause the error page to come back.

    Jenkins JIRA | 1 year ago | Thomas A. F. Thorne
    javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission
  3. 0

    I connected to the Jenkins server. Went to configuration. Clicked the setup security option and chose _Unix user/group database_, _Logged-in users can do anything_ (read only for everyone else). When I clicked the save button I was taken to a page that presented me with the following message: ---- Oops! A problem occurred while processing the request. Please check our bug tracker to see if a similar problem has already been reported. If it is already reported, please vote and put a comment on it to let us gauge the impact of the problem. If you think this is a new issue, please file a new issue. When you file an issue, make sure to add the entire stack trace, along with the version of Jenkins and relevant plugins. The users list might be also useful in understanding what has happened. Stack trace javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:796) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:123) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:114) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745) Caused by: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at hudson.security.ACL.checkPermission(ACL.java:63) at hudson.model.Node.checkPermission(Node.java:441) at jenkins.security.s2m.AdminWhitelistRule.setMasterKillSwitch(AdminWhitelistRule.java:210) at jenkins.security.s2m.MasterKillSwitchConfiguration.configure(MasterKillSwitchConfiguration.java:40) at hudson.security.GlobalSecurityConfiguration.configureDescriptor(GlobalSecurityConfiguration.java:126) at hudson.security.GlobalSecurityConfiguration.configure(GlobalSecurityConfiguration.java:115) at hudson.security.GlobalSecurityConfiguration.doConfigure(GlobalSecurityConfiguration.java:79) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:121) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) ... 47 more ---- I tried to search for this issue but I could not get any hits from parts of the first line and if I put the whole text in things started to complain about tabs being unescaped and needing replaced with \t. I also tried to search the user and dev lists but nothing was returned when I searched for the first line. A quick internet search only turned up [http://stackoverflow.com/questions/30279853/jenkins-reconfiguring-security-access-permissions A StackOverflow question on Jenkins - reconfiguring security access permissions] which may provide a way to get me back to no security if needed by setting: <useSecurity>false</useSecurity> in /var/lib/jenkis/config.xml Browsing back to the main dashboard in Jenkin's does not allow me to make any changes, which is as expected if I am not logged in. I then try to login with my unix credentials local to that machine and I am rejected. That would pose another problem, but I am able to revert the behaviour by setting useSecurity to false and restarting the jenkins service. If I try to reproduce the issue but leave the *Authorization* field set to _Anyone can do anything_ I do not see the error repeat. +Work Around+ If after trying the above I set _Logged-in users can do anything_ and click save I do not see a problem (other than I cannot login). +Would Working Security Help?+ If I reset again and click the *Test* button I get a message stating "User 'jenkins' needs to belong to group shadow to read /etc/shadow". Fixing this might also work around the issue: $ sudo adduser jenkins shadow Adding user `jenkins' to group `shadow' ... Adding user jenkins to group shadow Done. $ sudo service jenkins restart #Equivilent of user logout & login Login and press Test. This now reports success. Howerver the issue is still reproducable ---- javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:796) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) ... ---- So a working or nonworking security method still hits the stack trace. I am able to login to the system as me after this though, so it is not so bad as the completely foolish thing I did before. +Reproduction+ If I try to repeat the setting of _Unix user/group database_ and _Logged-in users can do anything_ I seem able to reliably cause the error page to come back.

    Jenkins JIRA | 1 year ago | Thomas A. F. Thorne
    javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    [~danielbeck] suggests perhaps defaulting the realm to "Jenkins own database". Exception: {code} hudson.security.AccessDeniedException2: anonymous is missing the Overall/Read permission at hudson.security.ACL.checkPermission(ACL.java:63) at hudson.model.Node.checkPermission(Node.java:441) at jenkins.model.Jenkins.getTarget(Jenkins.java:3809) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:674) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:123) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:114) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) {code}

    Jenkins JIRA | 1 year ago | Tom FENNELLY
    hudson.security.AccessDeniedException2: anonymous is missing the Overall/Read permission
  6. 0

    Unable to login after modifying user permissions accidently. Stack Trace hudson.security.AccessDeniedException2: anonymous is missing the Overall/Read permission at hudson.security.ACL.checkPermission(ACL.java:63) at hudson.model.Node.checkPermission(Node.java:441) at jenkins.model.Jenkins.getTarget(Jenkins.java:3825) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:674) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:123) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:744)

    Jenkins JIRA | 1 year ago | Abhishek Sharma
    hudson.security.AccessDeniedException2: anonymous is missing the Overall/Read permission

    1 unregistered visitors
    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. hudson.security.AccessDeniedException2

      anonymous is missing the Overall/RunScripts permission

      at hudson.security.ACL.checkPermission()
    2. Hudson
      Node.checkPermission
      1. hudson.security.ACL.checkPermission(ACL.java:63)
      2. hudson.model.Node.checkPermission(Node.java:441)
      2 frames
    3. jenkins.security.s2m
      MasterKillSwitchConfiguration.configure
      1. jenkins.security.s2m.AdminWhitelistRule.setMasterKillSwitch(AdminWhitelistRule.java:210)
      2. jenkins.security.s2m.MasterKillSwitchConfiguration.configure(MasterKillSwitchConfiguration.java:40)
      2 frames
    4. Hudson
      GlobalSecurityConfiguration.doConfigure
      1. hudson.security.GlobalSecurityConfiguration.configureDescriptor(GlobalSecurityConfiguration.java:126)
      2. hudson.security.GlobalSecurityConfiguration.configure(GlobalSecurityConfiguration.java:115)
      3. hudson.security.GlobalSecurityConfiguration.doConfigure(GlobalSecurityConfiguration.java:79)
      3 frames
    5. Java RT
      Method.invoke
      1. sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      2. sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      3. sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      4. java.lang.reflect.Method.invoke(Method.java:606)
      4 frames
    6. Stapler
      Stapler.service
      1. org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298)
      2. org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161)
      3. org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96)
      4. org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:121)
      5. org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
      6. org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746)
      7. org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
      8. org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411)
      9. org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746)
      10. org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
      11. org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
      12. org.kohsuke.stapler.Stapler.service(Stapler.java:238)
      12 frames
    7. JavaServlet
      HttpServlet.service
      1. javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
      1 frame
    8. Jetty
      ServletHandler$CachedChain.doFilter
      1. org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686)
      2. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494)
      2 frames
    9. Hudson
      PluginServletFilter.doFilter
      1. hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:123)
      2. hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:114)
      2 frames
    10. Jetty
      ServletHandler$CachedChain.doFilter
      1. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
      1 frame
    11. Hudson
      CrumbFilter.doFilter
      1. hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48)
      1 frame
    12. Jetty
      ServletHandler$CachedChain.doFilter
      1. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
      1 frame
    13. Hudson
      HudsonFilter.doFilter
      1. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
      2. hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
      3. hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
      3 frames
    14. Jetty
      ServletHandler$CachedChain.doFilter
      1. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
      1 frame
    15. Stapler
      CompressionFilter.doFilter
      1. org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
      1 frame
    16. Jetty
      ServletHandler$CachedChain.doFilter
      1. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
      1 frame
    17. Hudson
      CharacterEncodingFilter.doFilter
      1. hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
      1 frame
    18. Jetty
      ServletHandler$CachedChain.doFilter
      1. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
      1 frame
    19. Stapler
      DiagnosticThreadNameFilter.doFilter
      1. org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
      1 frame
    20. Jetty
      AsyncHttpConnection.handle
      1. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474)
      2. org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
      3. org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
      4. org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)
      5. org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
      6. org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
      7. org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
      8. org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
      9. org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
      10. org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
      11. org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
      12. org.eclipse.jetty.server.Server.handle(Server.java:370)
      13. org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489)
      14. org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960)
      15. org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021)
      16. org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
      17. org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
      18. org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
      18 frames
    21. GWT dev
      SelectChannelEndPoint$1.run
      1. org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668)
      2. org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
      2 frames
    22. winstone
      BoundedExecutorService$1.run
      1. winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
      1 frame
    23. Java RT
      Thread.run
      1. java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
      2. java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
      3. java.lang.Thread.run(Thread.java:745)
      3 frames