Load Session Error in Jenkins

[Vinod Kumar]

Hi All,

I am trying to load an existing session in my jenkins server to make my Zap job run in CI/CD.

I have added all 4 sessions file into my home dir. 

Jenkins.session

Jenkins.session.data

Jenkins.session.script

Jenkins.session.properties

I have also changed mode to 777 to prevent any access or owner rules issues. 

Jenkins is able to detect the session file as i can pick up the session in Jenkins UI, but, when i try to build, i receive this error. Any idea whats the problem?

Thanks.

**************************************

[ZAP Jenkins Plugin] LOAD SESSION AT: [ /var/lib/jenkins/workspace/Security-EHR/EHR_Jenkins.session ] 6856 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 6864 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit end 6880 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Database closed 7032 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB7841255B07.ENGINE - checkpointClose start 7032 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB7841255B07.ENGINE - checkpointClose synched 7040 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB7841255B07.ENGINE - checkpointClose script done 7059 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB7841255B07.ENGINE - checkpointClose end 7132 [ZAP-ProxyThread-2] ERROR org.zaproxy.zap.extension.api.CoreAPI - Failed to load the session: org.parosproxy.paros.db.DatabaseException: java.sql.SQLSyntaxErrorException: user lacks privilege or object not found: PUBLIC.HISTORY in statement [ALTER TABLE HISTORY ADD COLUMN TAG VARCHAR(32768) DEFAULT ''] at org.parosproxy.paros.db.paros.ParosTableHistory.updateTable(ParosTableHistory.java:378) ~[zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.db.paros.ParosTableHistory.reconnect(ParosTableHistory.java:140) ~[zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.db.paros.ParosAbstractTable.databaseOpen(ParosAbstractTable.java:52) ~[zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.db.AbstractDatabase.notifyListenersDatabaseOpen(AbstractDatabase.java:114) ~[zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.db.paros.ParosDatabase.open(ParosDatabase.java:153) ~[zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.model.Session.open(Session.java:298) ~[zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.model.Model.openSession(Model.java:145) ~[zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.control.Control.runCommandLineOpenSession(Control.java:447) ~[zap-2.10.0.jar:2.10.0] at org.zaproxy.zap.extension.api.CoreAPI.handleApiAction(CoreAPI.java:587) [zap-2.10.0.jar:2.10.0] at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:507) [zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:497) [zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:333) [zap-2.10.0.jar:2.10.0] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_252] Caused by: java.sql.SQLSyntaxErrorException: user lacks privilege or object not found: PUBLIC.HISTORY in statement [ALTER TABLE HISTORY ADD COLUMN TAG VARCHAR(32768) DEFAULT ''] at org.hsqldb.jdbc.JDBCUtil.sqlException(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.jdbc.JDBCUtil.sqlException(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.jdbc.JDBCPreparedStatement.<init>(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.jdbc.JDBCConnection.prepareStatement(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.parosproxy.paros.db.DbUtils.execute(DbUtils.java:251) ~[zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.db.paros.ParosTableHistory.updateTable(ParosTableHistory.java:261) ~[zap-2.10.0.jar:2.10.0] ... 12 more Caused by: org.hsqldb.HsqlException: user lacks privilege or object not found: PUBLIC.HISTORY at org.hsqldb.error.Error.error(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.error.Error.error(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.SchemaManager.getUserTable(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.ParserDDL.compileAlterTable(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.ParserDDL.compileAlter(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.ParserCommand.compilePart(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.ParserCommand.compileStatement(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.Session.compileStatement(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.StatementManager.compile(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.Session.execute(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.jdbc.JDBCPreparedStatement.<init>(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.hsqldb.jdbc.JDBCConnection.prepareStatement(Unknown Source) ~[hsqldb-2.5.1.jar:2.5.1] at org.parosproxy.paros.db.DbUtils.execute(DbUtils.java:251) ~[zap-2.10.0.jar:2.10.0] at org.parosproxy.paros.db.paros.ParosTableHistory.updateTable(ParosTableHistory.java:261) ~[zap-2.10.0.jar:2.10.0] ... 12 more ERROR: org.zaproxy.clientapi.core.ClientApiException: Internal Error at org.zaproxy.clientapi.core.ApiResponseFactory.getResponse(ApiResponseFactory.java:32) at org.zaproxy.clientapi.core.ClientApi.callApi(ClientApi.java:312) at org.zaproxy.clientapi.gen.Core.loadSession(Core.java:266) at org.jenkinsci.plugins.zap.ZAPDriver.executeZAP(ZAPDriver.java:1140) at org.jenkinsci.plugins.zap.ZAPBuilder$ZAPDriverCallable.invoke(ZAPBuilder.java:448) at org.jenkinsci.plugins.zap.ZAPBuilder$ZAPDriverCallable.invoke(ZAPBuilder.java:436) at hudson.FilePath.act(FilePath.java:1075) at hudson.FilePath.act(FilePath.java:1058) at org.jenkinsci.plugins.zap.ZAPBuilder.perform(ZAPBuilder.java:292) at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20) at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:741) at hudson.model.Build$BuildExecution.build(Build.java:206) at hudson.model.Build$BuildExecution.doRun(Build.java:163) at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:504) at hudson.model.Run.execute(Run.java:1880) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:97) at hudson.model.Executor.run(Executor.java:428) 

[thc...@gmail.com]

Hi.

I'd say that the job might be running in a different machine than where
the session is, thus not finding it.

Best regards.

[Vinod Kumar]

I don't think that might be an issue given that i am able to pick up the session in the jenkins job config

This is the folder i also have the other session files.

Is there any doc that gives more explanation on loading sessions in Jenkins?

--
You received this message because you are subscribed to a topic in the Google Groups "OWASP ZAP User Group" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/zaproxy-users/O5CzTRFtN08/unsubscribe.
To unsubscribe from this group and all its topics, send an email to zaproxy-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/zaproxy-users/a48b8027-a7f3-0412-ae31-65ba685bb362%40gmail.com.

[thc...@gmail.com]

That does not mean much though, if the job is executed in other machine
the session will not be there (the plugin does not copy it, you would
have to make sure it's there).

I'm afraid not, the only docs are the ones in the Jenkins wiki.

Best regards.

[Vinod Kumar]

Actually i think i was able to narrow it down to permissions issue on my linux box. 

When i open the "session.script" file in my local i can see that it's able to create the tables. 

However the same script file is throwing error in creating the table in my linux VM. that makes sense since the user is defaulted to SA in my local and i dont have that user in my linux box.

Any idea where I can change the script to login as a diff user?

To view this discussion on the web visit https://groups.google.com/d/msgid/zaproxy-users/2a9df5ae-7eaf-e1e2-8838-822076579ffd%40gmail.com.