Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-11866

OpenID plugin does not work with SSL-only Jenkins

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Minor
    • Resolution: Not A Defect
    • Component/s: openid-plugin
    • Labels:
    • Environment:
      Debian Linux (wheezy), OpenJDK 6
    • Similar Issues:

      Description

      I have created a self signed cert for use with Jenkins (Winstone) so
      that I can run under SSL:
      keytool -v -genkey -alias jenkins -keypass donttell -storepass donttell -keyalg RSA -keystore jenkins.ks

      And then I have started Jenkins to run more securely by enabling
      only the SSL port (and insuring the AJP port is only accessible
      by localhost):
      java -jar /var/lib/jenkins/bin/jenkins.war --httpPort=-1 --ajp13port=8009 --ajp13ListenAddress=127.0.0.1 --httpsPort=8443 --httpsKeyStore=/var/lib/jenkins/jenkins.ks --httpsKeyStorePassword=donttell

      When attempting to add an OpenID I am directed to the provider,
      authenticate, but I'm redirected back to
      {{ http://mysite:8080/federatedLoginService/openid/finish... }} instead of
      {{ https://mysite:8443/federatedLoginService/openid/finish... }}.

      It is highly likely that this cannot be debugged until there is a
      resolution to JENKINS-11746 (as hand fixing the URL above results in
      an NPE).

        Attachments

          Activity

          Hide
          tmarble Tom Marble added a comment -

          Hmmm I realize my Jenkins URL was not set correctly in the main config dialog

          As soon as JENKINS-11746 is resolved I'll try again.

          Show
          tmarble Tom Marble added a comment - Hmmm I realize my Jenkins URL was not set correctly in the main config dialog As soon as JENKINS-11746 is resolved I'll try again.
          Hide
          kylecordes kylecordes added a comment -

          As of version 1.7 at least (I didn't check anything older back) SSL-only with OpenID works 100% fine (at least for us).

          Show
          kylecordes kylecordes added a comment - As of version 1.7 at least (I didn't check anything older back) SSL-only with OpenID works 100% fine (at least for us).
          Hide
          kohsuke Kohsuke Kawaguchi added a comment -

          This is because Jenkins root URL is not set correctly.

          Show
          kohsuke Kohsuke Kawaguchi added a comment - This is because Jenkins root URL is not set correctly.

            People

            Assignee:
            kohsuke Kohsuke Kawaguchi
            Reporter:
            tmarble Tom Marble
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: