Uploaded image for project: 'Webhook To Jenkins for Bitbucket'
  1. JENK-304

Authorization exception raises 500 error instead of 401

    Details

    • Type: Bug
    • Status: Released
    • Priority: High
    • Resolution: Done
    • Labels:
      None
    • Sprint:
      Development Sprint 30, Development Sprint 31, Development Sprint 32, Development Sprint 33

      Description

      When you click the Trigger Build button and you're unauthorized Jenkins throws a 500 error instead of a 401.

      2019-02-22 18:18:32,979 ERROR [http-nio-7990-exec-1] @HLXNZXx1098x60x0 172.17.0.1 "POST /rest/jenkins/latest/projects/TEST/repos/www/triggerJenkins HTTP/1.1" c.a.p.r.c.e.j.ThrowableExceptionMapper Uncaught exception thrown by REST service: com.atlassian.bitbucket.AuthorisationException: You are not permitted to access this resource
      com.atlassian.stash.internal.rest.exception.ResourceContextInjectionFailedException: com.atlassian.bitbucket.AuthorisationException: You are not permitted to access this resource
      at com.atlassian.stash.internal.rest.inject.AbstractResourceInjectable.getValue(AbstractResourceInjectable.java:37)
      at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
      at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
      at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
      at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
      at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)
      at com.atlassian.analytics.client.filter.UniversalAnalyticsFilter.doFilter(UniversalAnalyticsFilter.java:92)
      at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:39)
      at com.atlassian.bitbucket.internal.xcode.web.XcodeUserAgentFilter.doFilter(XcodeUserAgentFilter.java:36)
      at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
      at com.atlassian.plugin.connect.plugin.auth.scope.ApiScopingFilter.doFilter(ApiScopingFilter.java:81)
      at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
      at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:110)
      at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:112)
      at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75)
      at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:94)
      at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:67)
      at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
      at com.atlassian.plugin.connect.plugin.auth.oauth2.DefaultSalAuthenticationFilter.doFilter(DefaultSalAuthenticationFilter.java:69)
      at com.atlassian.plugin.connect.plugin.auth.user.ThreeLeggedAuthFilter.doFilter(ThreeLeggedAuthFilter.java:109)
      at com.atlassian.jwt.internal.servlet.JwtAuthFilter.doFilter(JwtAuthFilter.java:32)
      at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:38)
      at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:39)
      at com.atlassian.bitbucket.internal.scm.git.lfs.servlet.filter.GitLfsLockingFilter.doFilter(GitLfsLockingFilter.java:50)
      at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42)
      at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:90)
      at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:73)
      at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:90)
      at com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:38)
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      at java.lang.Thread.run(Thread.java:748)
      ... 239 frames trimmed
      Caused by: com.atlassian.bitbucket.AuthorisationException: You are not permitted to access this resource
      at com.atlassian.stash.internal.aop.ExceptionRewriteAdvice.afterThrowing(ExceptionRewriteAdvice.java:37)
      at com.atlassian.plugin.util.ContextClassLoaderSettingInvocationHandler.invoke(ContextClassLoaderSettingInvocationHandler.java:26)
      at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56)
      at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60)
      at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLInterceptor.java:70)
      at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:53)
      at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57)
      at com.atlassian.stash.internal.rest.inject.RepositoryInjectable.doGetValue(RepositoryInjectable.java:43)
      at com.atlassian.stash.internal.rest.inject.RepositoryInjectable.doGetValue(RepositoryInjectable.java:25)
      at com.atlassian.stash.internal.rest.inject.AbstractResourceInjectable.getValue(AbstractResourceInjectable.java:33)
      ... 31 common frames omitted
      Caused by: org.springframework.security.access.AccessDeniedException: Access is denied
      at org.springframework.security.access.expression.method.ExpressionBasedPostInvocationAdvice.after(ExpressionBasedPostInvocationAdvice.java:77)
      ... 40 common frames omitted

        Attachments

          Activity

            People

            • Assignee:
              andrey1 Andrey Levchenko
              Reporter:
              mohammed Mohammed Davoodi
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Upwork Job Post