Issue
-
I cannot login to Jenkins. The Jenkins logs shows an exception similar to
Caused by: org.acegisecurity.AccessDeniedException: Please login to access job <itemName>
at jenkins.model.Jenkins.getItem(Jenkins.java:2399)
at jenkins.model.Jenkins.getItem(Jenkins.java:307)
at jenkins.model.Jenkins.getItemByFullName(Jenkins.java:2505)
at hudson.model.Run.fromExternalizableId(Run.java:2282)
at org.jenkinsci.plugins.workflow.support.steps.ExecutorStepExecution$PlaceholderTask.runForDisplay(ExecutorStepExecution.java:307)
at sun.reflect.GeneratedMethodAccessor959.invoke(Unknown Source)
-
Upstream builds succeed but build logs show the following exception:
Notifying upstream projects of job completion FATAL: Please login to access job upstream org.acegisecurity.AccessDeniedException: Please login to access job <itemName> at jenkins.model.Jenkins.getItem(Jenkins.java:2724) at jenkins.model.Jenkins.getItem(Jenkins.java:324) at jenkins.model.Jenkins.getItemByFullName(Jenkins.java:2830) at jenkins.model.Jenkins.getItemByFullName(Jenkins.java:2849) at jenkins.triggers.ReverseBuildTrigger.shouldTrigger(ReverseBuildTrigger.java:116) at jenkins.triggers.ReverseBuildTrigger.access$000(ReverseBuildTrigger.java:89) at jenkins.triggers.ReverseBuildTrigger$1.shouldTriggerBuild(ReverseBuildTrigger.java:146) at hudson.tasks.BuildTrigger.execute(BuildTrigger.java:247) at hudson.model.AbstractBuild$AbstractBuildExecution.cleanUp(AbstractBuild.java:681) at hudson.model.Build$BuildExecution.cleanUp(Build.java:200) at hudson.model.Run.execute(Run.java:1775) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:98) at hudson.model.Executor.run(Executor.java:404)
Issues Related
-
JENKINS-42556 for PlaceholderTask.runForDisplay
-
JENKINS-42577 for ReverseBuildTrigger.shouldTrigger
-
JENKINS-42586 for OldDataMonitor.referTo
Resolution
This happens when anonymous is granted the permissions Overall/Read and Item/Discover but not Item/Read. This a mode that is used to force login redirects from job URLs. You can find more information about this in the article Q&A: Setting Up Role-based Access Control
The stacktrace may actually exposes a bug for a particular component in Jenkins that does not impersonate as SYSTEM user when accessing an item. A non-exhaustive list of issues is mentioned above. Please check on these Jira to check if there is a fix implemented for it. If you are seeing a similar stacktrace as Please login to access job <itemName> but for a different component/scenario, please open a new Support request for review or directly file a new issue in Jira.
Otherwise, a workaround is to remove the Item/Discover permission from the anonymous user.