javax.servlet.ServletException: net.sf.json.JSONException: A JSONObject text must begin with '{' at character 0 of

Google Groups | kaya...@gmail.com (JIRA) | 1 year ago
  1. 0

    [JIRA] [bitbucket-plugin] (JENKINS-28877) bitbucket can send webhook without user specified

    Google Groups | 1 year ago | kaya...@gmail.com (JIRA)
    javax.servlet.ServletException: net.sf.json.JSONException: A JSONObject text must begin with '{' at character 0 of
  2. 0

    I connected to the Jenkins server. Went to configuration. Clicked the setup security option and chose _Unix user/group database_, _Logged-in users can do anything_ (read only for everyone else). When I clicked the save button I was taken to a page that presented me with the following message: ---- Oops! A problem occurred while processing the request. Please check our bug tracker to see if a similar problem has already been reported. If it is already reported, please vote and put a comment on it to let us gauge the impact of the problem. If you think this is a new issue, please file a new issue. When you file an issue, make sure to add the entire stack trace, along with the version of Jenkins and relevant plugins. The users list might be also useful in understanding what has happened. Stack trace javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:796) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:123) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:114) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745) Caused by: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at hudson.security.ACL.checkPermission(ACL.java:63) at hudson.model.Node.checkPermission(Node.java:441) at jenkins.security.s2m.AdminWhitelistRule.setMasterKillSwitch(AdminWhitelistRule.java:210) at jenkins.security.s2m.MasterKillSwitchConfiguration.configure(MasterKillSwitchConfiguration.java:40) at hudson.security.GlobalSecurityConfiguration.configureDescriptor(GlobalSecurityConfiguration.java:126) at hudson.security.GlobalSecurityConfiguration.configure(GlobalSecurityConfiguration.java:115) at hudson.security.GlobalSecurityConfiguration.doConfigure(GlobalSecurityConfiguration.java:79) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:121) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) ... 47 more ---- I tried to search for this issue but I could not get any hits from parts of the first line and if I put the whole text in things started to complain about tabs being unescaped and needing replaced with \t. I also tried to search the user and dev lists but nothing was returned when I searched for the first line. A quick internet search only turned up [http://stackoverflow.com/questions/30279853/jenkins-reconfiguring-security-access-permissions A StackOverflow question on Jenkins - reconfiguring security access permissions] which may provide a way to get me back to no security if needed by setting: <useSecurity>false</useSecurity> in /var/lib/jenkis/config.xml Browsing back to the main dashboard in Jenkin's does not allow me to make any changes, which is as expected if I am not logged in. I then try to login with my unix credentials local to that machine and I am rejected. That would pose another problem, but I am able to revert the behaviour by setting useSecurity to false and restarting the jenkins service. If I try to reproduce the issue but leave the *Authorization* field set to _Anyone can do anything_ I do not see the error repeat. +Work Around+ If after trying the above I set _Logged-in users can do anything_ and click save I do not see a problem (other than I cannot login). +Would Working Security Help?+ If I reset again and click the *Test* button I get a message stating "User 'jenkins' needs to belong to group shadow to read /etc/shadow". Fixing this might also work around the issue: $ sudo adduser jenkins shadow Adding user `jenkins' to group `shadow' ... Adding user jenkins to group shadow Done. $ sudo service jenkins restart #Equivilent of user logout & login Login and press Test. This now reports success. Howerver the issue is still reproducable ---- javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:796) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) ... ---- So a working or nonworking security method still hits the stack trace. I am able to login to the system as me after this though, so it is not so bad as the completely foolish thing I did before. +Reproduction+ If I try to repeat the setting of _Unix user/group database_ and _Logged-in users can do anything_ I seem able to reliably cause the error page to come back.

    Jenkins JIRA | 1 year ago | Thomas A. F. Thorne
    javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission
  3. Speed up your debug routine!

    Automated exception search integrated into your IDE

  4. 0

    I connected to the Jenkins server. Went to configuration. Clicked the setup security option and chose _Unix user/group database_, _Logged-in users can do anything_ (read only for everyone else). When I clicked the save button I was taken to a page that presented me with the following message: ---- Oops! A problem occurred while processing the request. Please check our bug tracker to see if a similar problem has already been reported. If it is already reported, please vote and put a comment on it to let us gauge the impact of the problem. If you think this is a new issue, please file a new issue. When you file an issue, make sure to add the entire stack trace, along with the version of Jenkins and relevant plugins. The users list might be also useful in understanding what has happened. Stack trace javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:796) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:123) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:114) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745) Caused by: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at hudson.security.ACL.checkPermission(ACL.java:63) at hudson.model.Node.checkPermission(Node.java:441) at jenkins.security.s2m.AdminWhitelistRule.setMasterKillSwitch(AdminWhitelistRule.java:210) at jenkins.security.s2m.MasterKillSwitchConfiguration.configure(MasterKillSwitchConfiguration.java:40) at hudson.security.GlobalSecurityConfiguration.configureDescriptor(GlobalSecurityConfiguration.java:126) at hudson.security.GlobalSecurityConfiguration.configure(GlobalSecurityConfiguration.java:115) at hudson.security.GlobalSecurityConfiguration.doConfigure(GlobalSecurityConfiguration.java:79) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:121) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) ... 47 more ---- I tried to search for this issue but I could not get any hits from parts of the first line and if I put the whole text in things started to complain about tabs being unescaped and needing replaced with \t. I also tried to search the user and dev lists but nothing was returned when I searched for the first line. A quick internet search only turned up [http://stackoverflow.com/questions/30279853/jenkins-reconfiguring-security-access-permissions A StackOverflow question on Jenkins - reconfiguring security access permissions] which may provide a way to get me back to no security if needed by setting: <useSecurity>false</useSecurity> in /var/lib/jenkis/config.xml Browsing back to the main dashboard in Jenkin's does not allow me to make any changes, which is as expected if I am not logged in. I then try to login with my unix credentials local to that machine and I am rejected. That would pose another problem, but I am able to revert the behaviour by setting useSecurity to false and restarting the jenkins service. If I try to reproduce the issue but leave the *Authorization* field set to _Anyone can do anything_ I do not see the error repeat. +Work Around+ If after trying the above I set _Logged-in users can do anything_ and click save I do not see a problem (other than I cannot login). +Would Working Security Help?+ If I reset again and click the *Test* button I get a message stating "User 'jenkins' needs to belong to group shadow to read /etc/shadow". Fixing this might also work around the issue: $ sudo adduser jenkins shadow Adding user `jenkins' to group `shadow' ... Adding user jenkins to group shadow Done. $ sudo service jenkins restart #Equivilent of user logout & login Login and press Test. This now reports success. Howerver the issue is still reproducable ---- javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:796) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) ... ---- So a working or nonworking security method still hits the stack trace. I am able to login to the system as me after this though, so it is not so bad as the completely foolish thing I did before. +Reproduction+ If I try to repeat the setting of _Unix user/group database_ and _Logged-in users can do anything_ I seem able to reliably cause the error page to come back.

    Jenkins JIRA | 1 year ago | Thomas A. F. Thorne
    javax.servlet.ServletException: hudson.security.AccessDeniedException2: anonymous is missing the Overall/RunScripts permission

    7 unregistered visitors
    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. javax.servlet.ServletException

      net.sf.json.JSONException: A JSONObject text must begin with '{' at character 0 of

      at org.kohsuke.stapler.Stapler.tryInvoke()
    2. Stapler
      Stapler.service
      1. org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:796)
      2. org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
      3. org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411)
      4. org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746)
      5. org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
      6. org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
      7. org.kohsuke.stapler.Stapler.service(Stapler.java:238)
      7 frames