SecurityException Rejected Nested Runtime Exception

Issue

I am receiving the following error message in my logs (or console output):

java.lang.SecurityException: Rejected: org.springframework.core.NestedRuntimeException
    at hudson.remoting.ClassFilter.check(ClassFilter.java:44)
    at hudson.remoting.MultiClassLoaderSerializer$Input.resolveClass(MultiClassLoaderSerializer.java:111)
    at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1620)

Environment

  • Jenkins
  • CloudBees Jenkins Enterprise

Related Issue

JENKINS-33999

Resolution

In new versions of Jenkins core is a security mechanism to prevent unwanted classes from being returned from node machines.

There is a workaround which will require a Jenkins restart.

Create a file on the Jenkins master.

In the file add the following:

^com[.]google[.]inject[.].*
^com[.]sun[.]jndi[.]rmi[.].*
^java[.]rmi[.].*
^org[.]apache[.]commons[.]beanutils[.].*
^org[.]apache[.]commons[.]collections[.]functors[.].*
.*org[.]apache[.]xalan.*
^org[.]codehaus[.]groovy[.]runtime[.].*
^org[.]hibernate[.].*
^org[.]springframework[.](?!(\p{Alnum}+[.])*\p{Alnum}*Exception$).*
^sun[.]rmi[.].*

After you add the above to the file then save the content.

Next step please change the Jenkins JAVA_ARGS and add the following:

-Dhudson.remoting.ClassFilter.DEFAULTS_OVERRIDE_LOCATION=

After the = add the fully qualified path to the file created above.

Start up the Jenkins service again and the error message should go away.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.