Active Directory Plugin configuration issue with groovy

Sarvabhowma1995 · August 10, 2022, 2:44pm

Hi Team,

I am configuring the Active directory authentication with the groovy script. As per the new plugin, I want to create an Active Directory authentication without requireTLS option. hence I am using the below constructor which is presented on the ActiveDirectorySecurityRealm. Even though I am passing all the values, it’s throwing an error saying “could not find matching constructor”. So can anyone please correct me if I am doing anything wrong?

Setup:
Jenkins LTS 2.363 container
Active Directory Plugin 2-25.1

I am using the below constructor from the active directory plugin:
you can find the same from this plugin git repo.

    @DataBoundConstructor
    // as Java signature, this binding doesn't make sense, so please don't use this constructor
    public ActiveDirectorySecurityRealm(String domain, List<ActiveDirectoryDomain> domains, String site, String bindName,
                                        String bindPassword, String server, GroupLookupStrategy groupLookupStrategy, boolean removeIrrelevantGroups, Boolean customDomain, CacheConfiguration cache, Boolean startTls, ActiveDirectoryInternalUsersDatabase internalUsersDatabase, boolean requireTLS) {
        if (customDomain!=null && !customDomain)
            domains = null;
        this.domain = fixEmpty(domain);
        this.server = fixEmpty(server);
        this.domains = domains;
        this.site = fixEmpty(site);
        this.bindName = fixEmpty(bindName);
        this.bindPassword = Secret.fromString(fixEmpty(bindPassword));
        this.groupLookupStrategy = groupLookupStrategy;
        this.removeIrrelevantGroups = removeIrrelevantGroups;
        this.cache = cache;
        this.startTls = startTls;
        this.internalUsersDatabase = internalUsersDatabase;
        this.requireTLS = Boolean.valueOf(requireTLS);
    }

Below is the groovy code:

String server = "192.168.1.1"
String domain = 'domain.com'
String site = 'site'
String bindName = 'user@google.com'
String bindPassword = 'password'
String GroupLookupStrategy = 'Automatic'

adrealm = new hudson.plugins.active_directory.ActiveDirectorySecurityRealm(domain, null, site, bindName, bindPassword, server, GroupLookupStrategy, false, false, null, true, null, false)
instance.setSecurityRealm(adrealm)

def strategy = new hudson.security.FullControlOnceLoggedInAuthorizationStrategy()
instance.setAuthorizationStrategy(strategy)

Below is the error which i am getting:

groovy.lang.GroovyRuntimeException: Could not find matching constructor for: hudson.plugins.active_directory.ActiveDirectorySecurityRealm(java.lang.String, null, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.Boolean, java.lang.Boolean, null, java.lang.Boolean, null, java.lang.Boolean)

halkeye · August 10, 2022, 3:31pm

you may want to try an empty list [] since null is not a type.

Also recommend Configuration as Code instead of custom groovy, as it has better support for only specifying the parameters you need instead of all of them. And less likely to break if the plugin adds a new parameter.

Sarvabhowma1995 · August 11, 2022, 9:02am

@halkeye

Thank you for the message.

Unfortunately, I don’t have the luxury to change many things, currently, I am upgrading the Active Directory plugin from 2-23 to 2-25.1. while upgrading if I disable the requireTLS option, then only authentication is working. it’s expected behavior as I don’t have any certificates.

I have tried with an empty list and it’s the same error I am getting. however, I see there are a couple of other data types which I don’t understand.
For these below items should I give null or should I consider a different type.?

GroupLookupStrategy groupLookupStrategy
CacheConfiguration cache
ActiveDirectoryInternalUsersDatabase internalUsersDatabase

halkeye · August 11, 2022, 3:53pm

I’m out of my depth here. Looking at active-directory-plugin/README.md at b5761582df271b9d2246f59bc385f02c7d116872 · jenkinsci/active-directory-plugin · GitHub you can disable requiretls via the gui but I’m guessing that won’t work for you right?.

Also going to recommend again against using custom groovy to manage plugins. Using configuration as code a lot more maintainable in the long run, you won’t have to figure out which objects are needed. All you would need to do is create a yaml file with configuration-as-code-plugin/demos/active-directory at master · jenkinsci/configuration-as-code-plugin · GitHub (all fields are optional, it would use defaults if you don’t provide any)

Otherwise you’ll have to wait for someone with more groovy experience to help out, sorry

Sarvabhowma1995 · August 15, 2022, 7:22am

Thank you for your help @halkeye

I used configuration as a code plugin which worked like a champ.

Topic		Replies	Views
Jenkins - LDAP/Active Directory Plugin Issues Ask a question	1	472	July 25, 2023
Active Directory Setup Ask a question	3	711	March 16, 2022
Active Directory Plugin: set specific attribute to match against Ask a question	2	386	January 5, 2023
Jenkins - active directory login not working for one specific user Using Jenkins	3	1107	December 10, 2021
No such property: USERNAME for class: groovy.lang.Binding Community pipeline	1	204	March 26, 2024

Active Directory Plugin configuration issue with groovy

Related Topics