I'm running 2.36 and 2.38 on two different instances. I have my security configuration configured identically in both:
Domain: forest.tld
Domain controller: <blank>
Site: mysite
Bind DN: cn=jenkins,cn=service accounts,dc=forest,dc=tld
Bind Password: *****
TLS Configuration: (Insecure) Trust all Certificates
Advanced:
Group Membership Lookup Strategy: Automatic
Enabled StartTls: Disabled
Use Jenkins Internal Database: Enabled
Remove irrelevant group: Enabled
In 2.36, Test Domain returns Success.
In 2.38, Test Domain returns the error below. It seems to be trying port 3269 instead of 3268.
java.net.SocketException: Connection or outbound has closed
at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(Unknown Source)
at java.base/java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.base/java.io.BufferedOutputStream.flush(Unknown Source)
at java.naming/com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at java.naming/com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source)
Caused: javax.naming.CommunicationException: simple bind failed: dc1ops-p-dc02.dc1.taillight.corp:3269 [Root exception is java.net.SocketException: Connection or outbound has closed]
at java.naming/com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.ensureOpen(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.ensureOpen(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.reconnect(Unknown Source)
at java.naming/javax.naming.ldap.InitialLdapContext.reconnect(Unknown Source)
at PluginClassLoader for active-directory//hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:765)
at PluginClassLoader for active-directory//hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:646)
at PluginClassLoader for active-directory//hudson.plugins.active_directory.ActiveDirectoryDomain$DescriptorImpl.doValidateTest(ActiveDirectoryDomain.java:381)
at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(Unknown Source)
at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:416)
at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:429)
at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:79)
at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:211)
at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:138)
at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:644)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:61)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:827)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:965)
at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:327)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:61)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:827)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:965)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:898)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:965)
at org.kohsuke.stapler.MetaClass$9.dispatch(MetaClass.java:548)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:827)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:965)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:747)
at org.kohsuke.stapler.Stapler.service(Stapler.java:253)
at Jenkins Main ClassLoader//javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1665)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:163)
at PluginClassLoader for sse-gateway//org.jenkinsci.plugins.ssegateway.Endpoint$SSEListenChannelFilter.doFilter(Endpoint.java:248)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at PluginClassLoader for atlassian-bitbucket-server-integration//com.atlassian.bitbucket.jenkins.internal.applink.oauth.serviceprovider.auth.OAuth1aRequestFilter.doFilter(OAuth1aRequestFilter.java:76)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at PluginClassLoader for blueocean-web//io.jenkins.blueocean.ResourceCacheControl.doFilter(ResourceCacheControl.java:134)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at PluginClassLoader for blueocean-jwt//io.jenkins.blueocean.auth.jwt.impl.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:60)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at PluginClassLoader for monitoring//net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:239)
at PluginClassLoader for monitoring//net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:215)
at PluginClassLoader for monitoring//net.bull.javamelody.PluginMonitoringFilter.doFilter(PluginMonitoringFilter.java:88)
at PluginClassLoader for monitoring//org.jvnet.hudson.plugins.monitoring.HudsonMonitoringFilter.doFilter(HudsonMonitoringFilter.java:121)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at jenkins.util.HttpServletFilter$1.doFilter(HttpServletFilter.java:76)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:166)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at jenkins.ErrorAttributeFilter.doFilter(ErrorAttributeFilter.java:29)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:154)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:94)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:111)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:172)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:53)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:31)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:38)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:131)
at Jenkins Main ClassLoader//org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:569)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:223)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1580)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1384)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1553)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1306)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.Server.handle(Server.java:563)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1598)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:753)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:501)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:287)
at Jenkins Main ClassLoader//org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
at Jenkins Main ClassLoader//org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at Jenkins Main ClassLoader//org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:199)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
at java.base/java.lang.Thread.run(Unknown Source)
As a workaround, if I configure Domain controller with server1.forest.tld:3268,server2.forest.tld:3268, it works just fine.
Originally reported by johnhossbach, imported from: Active Directory plugin v2.38 Breaks insecure connections
- assignee:
fbelzunc
- status: Open
- priority: Blocker
- component(s): active-directory-plugin
- resolution: Unresolved
- votes: 0
- watchers: 3
- imported: 2025-12-07
Raw content of original issue
I'm running 2.36 and 2.38 on two different instances. I have my security configuration configured identically in both:
Domain: forest.tld
Domain controller: <blank>
Site: mysite
Bind DN: cn=jenkins,cn=service accounts,dc=forest,dc=tld
Bind Password: *****
TLS Configuration: (Insecure) Trust all Certificates
Advanced:
Group Membership Lookup Strategy: Automatic
Enabled StartTls: Disabled
Use Jenkins Internal Database: Enabled
Remove irrelevant group: Enabled
In 2.36, Test Domain returns Success.
In 2.38, Test Domain returns the error below. It seems to be trying port 3269 instead of 3268.
java.net.SocketException: Connection or outbound has closed
at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(Unknown Source)
at java.base/java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.base/java.io.BufferedOutputStream.flush(Unknown Source)
at java.naming/com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at java.naming/com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source)
Caused: javax.naming.CommunicationException: simple bind failed: dc1ops-p-dc02.dc1.taillight.corp:3269 [Root exception is java.net.SocketException: Connection or outbound has closed]
at java.naming/com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.ensureOpen(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.ensureOpen(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.reconnect(Unknown Source)
at java.naming/javax.naming.ldap.InitialLdapContext.reconnect(Unknown Source)
at PluginClassLoader for active-directory//hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:765)
at PluginClassLoader for active-directory//hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DescriptorImpl.bind(ActiveDirectorySecurityRealm.java:646)
at PluginClassLoader for active-directory//hudson.plugins.active_directory.ActiveDirectoryDomain$DescriptorImpl.doValidateTest(ActiveDirectoryDomain.java:381)
at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(Unknown Source)
at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:416)
at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:429)
at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:79)
at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:211)
at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:138)
at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:644)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:61)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:827)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:965)
at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:327)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:61)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:827)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:965)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:898)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:965)
at org.kohsuke.stapler.MetaClass$9.dispatch(MetaClass.java:548)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:827)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:965)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:747)
at org.kohsuke.stapler.Stapler.service(Stapler.java:253)
at Jenkins Main ClassLoader//javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1665)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:163)
at PluginClassLoader for sse-gateway//org.jenkinsci.plugins.ssegateway.Endpoint$SSEListenChannelFilter.doFilter(Endpoint.java:248)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at PluginClassLoader for atlassian-bitbucket-server-integration//com.atlassian.bitbucket.jenkins.internal.applink.oauth.serviceprovider.auth.OAuth1aRequestFilter.doFilter(OAuth1aRequestFilter.java:76)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at PluginClassLoader for blueocean-web//io.jenkins.blueocean.ResourceCacheControl.doFilter(ResourceCacheControl.java:134)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at PluginClassLoader for blueocean-jwt//io.jenkins.blueocean.auth.jwt.impl.JwtAuthenticationFilter.doFilter(JwtAuthenticationFilter.java:60)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at PluginClassLoader for monitoring//net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:239)
at PluginClassLoader for monitoring//net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:215)
at PluginClassLoader for monitoring//net.bull.javamelody.PluginMonitoringFilter.doFilter(PluginMonitoringFilter.java:88)
at PluginClassLoader for monitoring//org.jvnet.hudson.plugins.monitoring.HudsonMonitoringFilter.doFilter(HudsonMonitoringFilter.java:121)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at jenkins.util.HttpServletFilter$1.doFilter(HttpServletFilter.java:76)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:160)
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:166)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at jenkins.ErrorAttributeFilter.doFilter(ErrorAttributeFilter.java:29)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:154)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:94)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:111)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:172)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:53)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:86)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:31)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:38)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:131)
at Jenkins Main ClassLoader//org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:569)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:223)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1580)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1384)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176)
at Jenkins Main ClassLoader//org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1553)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1306)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.Server.handle(Server.java:563)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1598)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:753)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:501)
at Jenkins Main ClassLoader//org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:287)
at Jenkins Main ClassLoader//org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314)
at Jenkins Main ClassLoader//org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
at Jenkins Main ClassLoader//org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:199)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
at Jenkins Main ClassLoader//org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
at java.base/java.lang.Thread.run(Unknown Source)
As a workaround, if I configure Domain controller with server1.forest.tld:3268,server2.forest.tld:3268, it works just fine.
I'm running 2.36 and 2.38 on two different instances. I have my security configuration configured identically in both:
In 2.36, Test Domain returns Success.
In 2.38, Test Domain returns the error below. It seems to be trying port 3269 instead of 3268.
As a workaround, if I configure Domain controller with server1.forest.tld:3268,server2.forest.tld:3268, it works just fine.
Originally reported by johnhossbach, imported from: Active Directory plugin v2.38 Breaks insecure connections
Raw content of original issue