-
Bug
-
Resolution: Fixed
-
Major
-
None
-
Jenkins 1.480.2
Crowd2 plugin 1.5
Crowd 2.5.3
The logfile of Crowd contain lots of periodic requests coming from Jenkins. They occur every 5 seconds and are always the same. The following snippet from the log file shows the requests while one user (foo) is logged into Jenkins.
127.0.0.1 - - [08/Feb/2013:14:09:41 +0100] "POST /rest/usermanagement/1/session/fZ2pVLxOteqInIc0VYr0tQ00 HTTP/1.1" 200 346 127.0.0.1 - - [08/Feb/2013:14:09:41 +0100] "POST /rest/usermanagement/1/session/fZ2pVLxOteqInIc0VYr0tQ00 HTTP/1.1" 200 346 127.0.0.1 - - [08/Feb/2013:14:09:41 +0100] "GET /rest/usermanagement/1/session/fZ2pVLxOteqInIc0VYr0tQ00?expand=user HTTP/1.1" 200 752 127.0.0.1 - - [08/Feb/2013:14:09:41 +0100] "GET /rest/usermanagement/1/session/fZ2pVLxOteqInIc0VYr0tQ00?expand=user HTTP/1.1" 200 752 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/group?groupname=jenkins-users HTTP/1.1" 200 381 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/group?groupname=jenkins-users HTTP/1.1" 200 381 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/group/user/direct?groupname=jenkins-users&username=foo HTTP/1.1" 404 129 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/group/user/direct?groupname=jenkins-users&username=foo HTTP/1.1" 404 129 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/group/user/nested?groupname=jenkins-users&username=foo HTTP/1.1" 200 173 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/group/user/nested?groupname=jenkins-users&username=foo HTTP/1.1" 200 173 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/user/group/direct?username=foo&start-index=0&max-results=500&expand=group HTTP/1.1" 200 987 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/user/group/direct?username=foo&start-index=0&max-results=500&expand=group HTTP/1.1" 200 987 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/user/group/direct?username=foo&start-index=500&max-results=500&expand=group HTTP/1.1" 200 79 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/user/group/direct?username=foo&start-index=500&max-results=500&expand=group HTTP/1.1" 200 79 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/user/group/nested?username=foo&start-index=0&max-results=500&expand=group HTTP/1.1" 200 4374 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/user/group/nested?username=foo&start-index=0&max-results=500&expand=group HTTP/1.1" 200 4374 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/user/group/nested?username=foo&start-index=500&max-results=500&expand=group HTTP/1.1" 200 79 127.0.0.1 - - [08/Feb/2013:14:09:42 +0100] "GET /rest/usermanagement/1/user/group/nested?username=foo&start-index=500&max-results=500&expand=group HTTP/1.1" 200 79 127.0.0.1 - - [08/Feb/2013:14:09:47 +0100] "POST /rest/usermanagement/1/session/fZ2pVLxOteqInIc0VYr0tQ00 HTTP/1.1" 200 346 127.0.0.1 - - [08/Feb/2013:14:09:47 +0100] "POST /rest/usermanagement/1/session/fZ2pVLxOteqInIc0VYr0tQ00 HTTP/1.1" 200 346 127.0.0.1 - - [08/Feb/2013:14:09:47 +0100] "GET /rest/usermanagement/1/session/fZ2pVLxOteqInIc0VYr0tQ00?expand=user HTTP/1.1" 200 752 127.0.0.1 - - [08/Feb/2013:14:09:47 +0100] "GET /rest/usermanagement/1/session/fZ2pVLxOteqInIc0VYr0tQ00?expand=user HTTP/1.1" 200 752 127.0.0.1 - - [08/Feb/2013:14:09:47 +0100] "GET /rest/usermanagement/1/group?groupname=jenkins-users HTTP/1.1" 200 381 127.0.0.1 - - [08/Feb/2013:14:09:47 +0100] "GET /rest/usermanagement/1/group?groupname=jenkins-users HTTP/1.1" 200 381 127.0.0.1 - - [08/Feb/2013:14:09:47 +0100] "GET /rest/usermanagement/1/group/user/direct?groupname=jenkins-users&username=foo HTTP/1.1" 404 129 127.0.0.1 - - [08/Feb/2013:14:09:47 +0100] "GET /rest/usermanagement/1/group/user/direct?groupname=jenkins-users&username=foo HTTP/1.1" 404 129 127.0.0.1 - - [08/Feb/2013:14:09:47 +0100] "GET /rest/usermanagement/1/group/user/nested?groupname=jenkins-users&username=foo HTTP/1.1" 200 173 127.0.0.1 - - [08/Feb/2013:14:09:47 +0100] "GET /rest/usermanagement/1/group/user/nested?groupname=jenkins-users&username=foo HTTP/1.1" 200 173 127.0.0.1 - - [08/Feb/2013:14:09:48 +0100] "GET /rest/usermanagement/1/user/group/direct?username=foo&start-index=0&max-results=500&expand=group HTTP/1.1" 200 987 127.0.0.1 - - [08/Feb/2013:14:09:48 +0100] "GET /rest/usermanagement/1/user/group/direct?username=foo&start-index=0&max-results=500&expand=group HTTP/1.1" 200 987 127.0.0.1 - - [08/Feb/2013:14:09:48 +0100] "GET /rest/usermanagement/1/user/group/direct?username=foo&start-index=500&max-results=500&expand=group HTTP/1.1" 200 79 127.0.0.1 - - [08/Feb/2013:14:09:48 +0100] "GET /rest/usermanagement/1/user/group/direct?username=foo&start-index=500&max-results=500&expand=group HTTP/1.1" 200 79 127.0.0.1 - - [08/Feb/2013:14:09:48 +0100] "GET /rest/usermanagement/1/user/group/nested?username=foo&start-index=0&max-results=500&expand=group HTTP/1.1" 200 4374 127.0.0.1 - - [08/Feb/2013:14:09:48 +0100] "GET /rest/usermanagement/1/user/group/nested?username=foo&start-index=0&max-results=500&expand=group HTTP/1.1" 200 4374 127.0.0.1 - - [08/Feb/2013:14:09:48 +0100] "GET /rest/usermanagement/1/user/group/nested?username=foo&start-index=500&max-results=500&expand=group HTTP/1.1" 200 79 127.0.0.1 - - [08/Feb/2013:14:09:48 +0100] "GET /rest/usermanagement/1/user/group/nested?username=foo&start-index=500&max-results=500&expand=group HTTP/1.1" 200 79
The "Session validation interval" in the Crowd2 configuration is set to 10 (minutes?). Well, the configuration form always reverts back to 2 which seems to be a bug. However, the config.xml contains the correct value of 10.
Anyway, for some reason this value seems to be ignored completely.
- depends on
-
-
- Closed
-
- duplicates
-
-
- Closed
-
[JENKINS-16703] Too many periodic requests to Crowd server
René Zanner
added a comment - I attached the log file of a single 
login after a Jenkins restart. However, it is still incomplete and contains the last 760 or so lines!
(I used the "System Log" facility in "Manage Jenkins" to turn on "ALL" logging for "de.theit.jenkins.crowd" and "com.atlassian.crowd.integration" loggers.)
The requests from Jenkins to the Crowd server just won't stop - the plugin implementation seems to login on every HTTP request to Jenkins!
Since Jenkins is AJAX featured and authentication is realized by the CrowdServletFilter, it really should be performant and avoid any superfluous requests to the Crowd server...
René Zanner
added a comment - I attached the log file of a single login after a Jenkins restart. However, it is still incomplete and contains the last 760 or so lines!
(I used the "System Log" facility in "Manage Jenkins" to turn on "ALL" logging for "de.theit.jenkins.crowd" and "com.atlassian.crowd.integration" loggers.)
The requests from Jenkins to the Crowd server just won't stop - the plugin implementation seems to login on every HTTP request to Jenkins!
Since Jenkins is AJAX featured and authentication is realized by the CrowdServletFilter, it really should be performant and avoid any superfluous requests to the Crowd server... René Zanner
added a comment - It seems that the CrowdServletFilter sometimes recreates the Authentication using autoLogin(), although it should already be available in the Spring SecurityContext. Shouldn't the SecurityContext be stored in the HttpSession? Otherwise every AJAX request of Jenkins may end up creating a new Spring SecurityContext, since its default strategy is "ThreadLocal"...
René Zanner
added a comment - It seems that the CrowdServletFilter sometimes recreates the Authentication using autoLogin(), although it should already be available in the Spring SecurityContext. Shouldn't the SecurityContext be stored in the HttpSession? Otherwise every AJAX request of Jenkins may end up creating a new Spring SecurityContext, since its default strategy is "ThreadLocal"... This renders the crowd2-plugin completely unusable. We had page load times of around 20sec, compared to ~1sec with the old crowd-plugin. We switched back to that one now.
Code changed in jenkins
User: Kanstantsin Shautsou
Path:
src/main/java/de/theit/jenkins/crowd/CrowdConfigurationService.java
src/main/java/de/theit/jenkins/crowd/CrowdRememberMeServices.java
src/main/java/de/theit/jenkins/crowd/CrowdSecurityRealm.java
src/main/java/de/theit/jenkins/crowd/CrowdServletFilter.java
src/main/java/de/theit/jenkins/crowd/ErrorMessages.java
src/main/resources/crowd.properties
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/config.jelly
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-applicationName.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-cookieDomain.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-cookieTokenkey.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-httpMaxConnections.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-httpProxyHost.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-httpProxyPassword.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-httpProxyPort.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-httpProxyUsername.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-httpTimeout.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-password.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-sessionValidationInterval.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-url.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-useProxy.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help-useSSO.html
src/main/resources/de/theit/jenkins/crowd/CrowdSecurityRealm/help.html
src/main/resources/de/theit/jenkins/crowd/help-socketTimeout.html
http://jenkins-ci.org/commit/crowd2-plugin/7039baf8288687ee20590011dbd03b85020d2009
Log:
[FIXED JENKINS-21852] Added http proxy configuration.
[FIXED JENKINS-18791] Session validation interval saved from ui.
[FIXED JENKINS-13279] Don't use ssoTokenHelper, work with Embedded Crowd in Jira.
JENKINS-16703 More options for connection configuration.
Compare: https://github.com/jenkinsci/crowd2-plugin/compare/43588915417a...7039baf82886
Coleman
added a comment - Running into this as well on the latest versions of Crowd, this plugin and Jenkins. It absolutely hammers Crowd on every request. Seeing page loads way into the 30+ second range. Any thoughts on a solution?
Coleman
added a comment - Running into this as well on the latest versions of Crowd, this plugin and Jenkins. It absolutely hammers Crowd on every request. Seeing page loads way into the 30+ second range. Any thoughts on a solution? Coleman
added a comment - Removed group restriction. Still an issue. The jenkins log is growing really fast on our end and all thats in it is crowd2 plugin messages.
Coleman
added a comment - Removed group restriction. Still an issue. The jenkins log is growing really fast on our end and all thats in it is crowd2 plugin messages. Requests to Crowd over and over for what appears to be every single request to Jenkins.
Messages like this thousands per second:
Padded plaintext before ENCRYPTION: len = 475 0000: 50 4F 53 54 20 2F 63 72 6F 77 64 2F 72 65 73 74 POST /crowd/rest 0010: 2F 75 73 65 72 6D 61 6E 61 67 65 6D 65 6E 74 2F /usermanagement/ 0020: 31 2F 61 75 74 68 65 6E 74 69 63 61 74 69 6F 6E 1/authentication 0030: 3F 75 73 65 72 6E 61 6D 65 3D 63 6E 69 74 72 6F ?username=cnitro 0040: 79 20 48 54 54 50 2F 31 2E 31 0D 0A 41 63 63 65 y HTTP/1.1..Acce 0050: 70 74 3A 20 61 70 70 6C 69 63 61 74 69 6F 6E 2F pt: application/ 0060: 78 6D 6C 0D 0A 41 75 74 68 6F 72 69 7A 61 74 69 xml..Authorizati 0070: 6F 6E 3A 20 42 61 73 69 63 20 61 6D 56 75 61 32 on: Basic amVua2 0080: 6C 75 63 7A 70 71 4D 32 35 72 4D 57 35 7A 0D 0A luczpqM25rMW5z.. 0090: 55 73 65 72 2D 41 67 65 6E 74 3A 20 4A 61 6B 61 User-Agent: Jaka 00A0: 72 74 61 20 43 6F 6D 6D 6F 6E 73 2D 48 74 74 70 rta Commons-Http 00B0: 43 6C 69 65 6E 74 2F 33 2E 31 0D 0A 48 6F 73 74 Client/3.1..Host 00C0: 3A 20 63 6F 6C 6C 65 63 74 69 76 65 2E 63 76 73 : crowdserverive.ourdomain 00D0: 2E 63 6F 6D 0D 0A 43 6F 6F 6B 69 65 3A 20 24 56 .com..Cookie: $V 00E0: 65 72 73 69 6F 6E 3D 30 3B 20 4A 53 45 53 53 49 ersion=0; JSESSI 00F0: 4F 4E 49 44 3D 33 38 31 42 36 46 37 32 35 36 45 ONID=381B6F7256E 0100: 30 31 44 39 39 45 32 36 42 39 43 43 45 46 37 41 01D99E26B9CCEF7A 0110: 44 38 33 41 41 3B 20 24 50 61 74 68 3D 2F 63 72 D83AA; $Path=/cr 0120: 6F 77 64 2F 0D 0A 43 6F 6E 74 65 6E 74 2D 4C 65 owd/..Content-Le 0130: 6E 67 74 68 3A 20 31 30 37 0D 0A 43 6F 6E 74 65 ngth: 107..Conte 0140: 6E 74 2D 54 79 70 65 3A 20 61 70 70 6C 69 63 61 nt-Type: applica 0150: 74 69 6F 6E 2F 78 6D 6C 0D 0A 0D 0A 3C 3F 78 6D tion/xml....<?xm 0160: 6C 20 76 65 72 73 69 6F 6E 3D 22 31 2E 30 22 20 l version="1.0" 0170: 65 6E 63 6F 64 69 6E 67 3D 22 55 54 46 2D 38 22 encoding="UTF-8" 0180: 20 73 74 61 6E 64 61 6C 6F 6E 65 3D 22 79 65 73 standalone="yes 0190: 22 3F 3E 0A 3C 70 61 73 73 77 6F 72 64 3E 0A 20 "?>.<password>. 01A0: 20 20 20 3C 76 61 6C 75 65 3E 54 33 63 68 6E 30 <value></value>.</pas 01C0: 73 77 6F 72 64 3E 0A 87 98 12 F9 03 12 FD D5 BA sword>.......... 01D0: B0 68 08 45 EA B7 A0 03 2E E6 DC .h.E....... Handling GET /api/json from 10.51.212.84 : RequestHandlerThread[#10], WRITE: TLSv1 Application Data, length = 475 [Raw write]: length = 480 0000: 17 03 01 01 DB 4D A2 4C 38 36 5D 44 B5 68 B2 B6 .....M.L86]D.h.. 0010: 2E B6 29 3E 54 8C 74 FE A5 06 AC 45 E0 88 D6 41 ..)>T.t....E...A 0020: 44 00 54 18 7A 43 A9 AE CD D7 D2 7A 06 FF 8D C8 D.T.zC.....z.... 0030: 97 93 59 39 D9 E7 2C 39 95 3F D4 F5 B4 3D 85 F3 ..Y9..,9.?...=.. 0040: B5 52 CE D0 C4 4A B5 75 BE B2 FF C9 09 09 34 45 .R...J.u......4E 0050: FE B5 56 D9 C7 31 75 65 58 CA 6F 28 B3 35 E0 4E ..V..1ueX.o(.5.N 0060: 71 51 0A AA 4F 1D DC EC 54 35 87 86 D4 96 E6 4A qQ..O...T5.....J 0070: 20 0E 6B E0 BB 04 E8 B9 FB C2 DD 54 D0 F5 08 C4 .k........T.... 0080: 7A 7C FE B7 D9 08 29 FF 2E 3A 26 4F 0B 7E 5C 21 z.....)..:&O..\! 0090: 69 58 2E AF 55 36 E4 41 B9 77 CD EC E9 F5 88 4D iX..U6.A.w.....M 00A0: 99 F9 67 BA 35 39 16 B1 C8 53 FB 8F 14 79 2C 4C ..g.59...S...y,L 00B0: 7E 37 4C 7E 0D 85 3D DB 99 E9 4D C3 F8 01 77 D1 .7L...=...M...w. 00C0: DC D8 40 27 EA F8 99 6C 09 93 BD 2A 6C 95 E8 1D ..@'...l...*l... 00D0: BE 0B 22 56 DD 11 BF 45 9D AF 03 2A BE 8E 11 95 .."V...E...*.... 00E0: 8A 1D A1 AB 07 83 B1 B4 70 EC 32 78 75 96 12 80 ........p.2xu... 00F0: 6D 7B 5D 22 D3 7B CF 72 B1 26 E0 71 C3 A3 BF FF m.]"...r.&.q.... 0100: 47 29 6A FB 0C CB 1F 76 06 8E B1 D6 AA 75 28 18 G)j....v.....u(. 0110: 70 F7 BF 1E E0 05 4C FB 22 27 2D 9A 9A BF F9 8B p.....L."'-..... 0120: 24 CD 98 4C F3 9E F9 CB D3 02 FD 4D 95 F1 56 98 $..L.......M..V. 0130: 92 D5 54 4E F8 E0 5D C5 EC 60 FE 9C 11 7A 27 B6 ..TN..]..`...z'. 0140: 3C B9 3D 98 6D A3 9D 69 93 5B DE 25 F7 C3 83 8D <.=.m..i.[.%.... 0150: F0 9C F7 99 F4 48 A7 9B 38 B1 50 01 85 A5 36 8A .....H..8.P...6. 0160: 75 8C 0C C2 2C 75 66 BF 42 90 DD 63 66 67 F5 13 u...,uf.B..cfg.. 0170: F3 E1 7E 09 2D C6 65 D7 CF BA C0 A0 0F 7B 2A 83 ....-.e.......*. 0180: 28 05 80 C7 9D 4F F9 EC CC FE 79 CB BF F3 CC 67 (....O....y....g 0190: 55 EE DC E0 CF 3C 85 3D 28 9A A3 7A A0 51 18 F6 U....<.=(..z.Q.. 01A0: B8 82 FA 5E 46 76 FA 9F 07 5C 86 21 6A A5 CD 27 ...^Fv...\.!j..' 01B0: 1C 42 D6 98 A5 2F 48 D4 3D 44 E3 AF B3 0B 89 E3 .B.../H.=D...... 01C0: 11 72 78 E4 6A 10 95 CF 60 84 CC 5E B0 8D 72 2A .rx.j...`..^..r* 01D0: 12 2C F3 A0 A9 8B 84 47 4B 2F C6 01 86 38 CF 2F .,.....GK/...8./ [Raw read]: length = 5 0000: 17 03 01 01 58 ....X [Raw read]: length = 344 0000: 6F 58 E2 86 FC 0F 62 F1 A2 9C D0 52 D4 97 D9 66 oX....b....R...f 0010: 21 87 40 90 E7 0F DB 1D 60 37 D1 A5 86 3A 2F D9 !.@.....`7...:/. 0020: A2 DA F7 07 E2 4C A7 57 09 38 B5 DA BA E2 19 1C .....L.W.8...... 0030: 7A 93 E0 E5 3C 11 6E 49 B0 EA CA AF D2 0E 56 A2 z...<.nI......V. 0040: 35 C5 9B D6 A2 07 53 3F 9C DA A1 14 81 5C E3 F5 5.....S?.....\.. 0050: 6F 73 2B 45 03 3C 1E 3C A7 55 1D AC 87 41 D2 17 os+E.<.<.U...A.. 0060: B8 95 33 92 34 5B CA 51 4F A3 98 C4 73 A6 E2 5A ..3.4[.QO...s..Z 0070: 7A 57 57 AF E5 14 FB F3 EE F0 D0 9C 76 A1 8B F1 zWW.........v... 0080: 0B 99 5B 46 BC 99 FD 18 CF DA 4C 86 1A EE 41 8E ..[F......L...A. 0090: A1 03 B6 C1 D7 66 02 BD D5 1D 5A 87 EC F7 81 A1 .....f....Z..... 00A0: 6C 8F F5 CB 43 C5 73 13 1A C9 27 22 64 EE E9 78 l...C.s...'"d..x 00B0: A9 32 41 06 46 8E 92 65 BB 74 1A 9C DD 32 AF 90 .2A.F..e.t...2.. 00C0: E6 18 AC DC A5 2A CF 69 A6 AF E4 4E A3 7C DF 97 .....*.i...N.... 00D0: D6 64 44 57 34 07 22 14 AB DB 5D 28 5A 28 AE 2D .dDW4."...](Z(.- 00E0: B7 13 B3 76 12 4A 70 88 F9 7D 14 D9 1C B1 26 21 ...v.Jp.......&! 00F0: D5 38 BA D5 54 FC 5D 6E 76 B3 EC E3 1B 5A CE 09 .8..T.]nv....Z.. 0100: 07 F2 36 C6 8B E1 5F CB 0E 75 05 18 E7 47 C8 23 ..6..._..u...G.# 0110: F4 40 3B 4D EF C0 C3 1D C7 39 FF 59 80 06 5D 70 .@;M.....9.Y..]p 0120: 06 E8 39 DC 76 B5 CB 30 7E B2 95 9F A0 4B 64 CE ..9.v..0.....Kd. 0130: 78 B2 51 E9 18 07 A6 65 96 79 46 9D 2A D8 73 4F x.Q....e.yF.*.sO 0140: CF F2 44 BD 64 C5 D7 8B 02 07 99 01 C3 D8 8B BF ..D.d........... 0150: 2B B4 4F C7 DC E6 7B 49 +.O....I Handling GET /api/json from 10.51.212.84 : RequestHandlerThread[#10], READ: TLSv1 Application Data, length = 344 Padded plaintext after DECRYPTION: len = 344 0000: 48 54 54 50 2F 31 2E 31 20 32 30 30 20 4F 4B 0D HTTP/1.1 200 OK. 0010: 0A 44 61 74 65 3A 20 4D 6F 6E 2C 20 32 30 20 4F .Date: Mon, 20 O 0020: 63 74 20 32 30 31 34 20 31 35 3A 35 36 3A 30 33 ct 2014 15:56:03 0030: 20 47 4D 54 0D 0A 53 65 72 76 65 72 3A 20 41 70 GMT..Server: Ap 0040: 61 63 68 65 2D 43 6F 79 6F 74 65 2F 31 2E 31 0D ache-Coyote/1.1. 0050: 0A 58 2D 45 6D 62 65 64 64 65 64 2D 43 72 6F 77 .X-Embedded-Crow 0060: 64 2D 56 65 72 73 69 6F 6E 3A 20 43 72 6F 77 64 d-Version: Crowd 0070: 2F 32 2E 37 2E 32 0D 0A 58 2D 43 72 6F 77 64 2D /2.7.2..X-Crowd- 0080: 55 73 65 72 2D 4D 61 6E 61 67 65 6D 65 6E 74 2D User-Management- 0090: 56 65 72 73 69 6F 6E 3A 20 31 2E 34 0D 0A 43 6F Version: 1.4..Co 00A0: 6E 74 65 6E 74 2D 54 79 70 65 3A 20 61 70 70 6C ntent-Type: appl 00B0: 69 63 61 74 69 6F 6E 2F 78 6D 6C 0D 0A 43 6F 6E ication/xml..Con 00C0: 74 65 6E 74 2D 4C 65 6E 67 74 68 3A 20 36 38 31 tent-Length: 681 00D0: 0D 0A 53 65 74 2D 43 6F 6F 6B 69 65 3A 20 4A 53 ..Set-Cookie: JS 00E0: 45 53 53 49 4F 4E 49 44 3D 39 30 34 34 35 43 41 ESSIONID=90445CA 00F0: 37 31 34 38 41 30 43 32 36 36 34 41 33 31 44 36 7148A0C2664A31D6 0100: 43 41 31 42 30 42 30 32 37 3B 20 50 61 74 68 3D CA1B0B027; Path= 0110: 2F 63 72 6F 77 64 2F 3B 20 53 65 63 75 72 65 3B /crowd/; Secure; 0120: 20 48 74 74 70 4F 6E 6C 79 0D 0A 56 61 72 79 3A HttpOnly..Vary: 0130: 20 41 63 63 65 70 74 2D 45 6E 63 6F 64 69 6E 67 Accept-Encoding 0140: 0D 0A 0D 0A 22 8F 91 3B D3 03 65 3E 86 CC D0 E7 ...."..;..e>.... 0150: B7 08 BC DA F3 9F 19 CB ........ [Raw read]: length = 5 0000: 17 03 01 02 BD ..... [Raw read]: length = 701 0000: A5 DA 74 4D D4 F3 CF 71 65 22 2D B5 E8 1A 0C 84 ..tM...qe"-..... 0010: 3E 64 89 B0 42 7A 7D 93 49 71 BE 47 F3 F2 BB D2 >d..Bz..Iq.G.... 0020: 36 3E DA 69 C3 9C 88 4E F8 15 B7 62 27 76 46 46 6>.i...N...b'vFF 0030: 39 83 68 ED 1D 45 CD C6 EB 90 A4 49 DC CB 67 E2 9.h..E.....I..g. 0040: F2 6E CE 14 54 E8 98 69 AB 87 E5 BF 3B B4 22 D2 .n..T..i....;.". 0050: 9B 02 2C DF 0F B4 D0 46 22 5B 39 A7 C1 CA F7 21 ..,....F"[9....! 0060: 1A 96 5A 34 25 D2 B7 DF 07 F6 DA A1 44 EC 3E 04 ..Z4%.......D.>. 0070: BE 1B F9 00 A4 B9 FA EF 20 DD 41 CB C4 D4 7E D7 ........ .A..... 0080: 7F 38 5D D7 84 FC 5E 52 04 CC 29 BE 6D CC 0C 6B .8]...^R..).m..k 0090: B8 B6 47 0E B3 0A 41 B7 AA 1D 7A 55 C0 B2 D1 9A ..G...A...zU.... 00A0: D0 80 1A 77 06 BB DB 0D DD FE B2 E5 8E 79 35 B0 ...w.........y5. 00B0: 3E 6D F2 3F 4D 44 ED 0F 3E 52 10 58 F7 2A D9 5F >m.?MD..>R.X.*._ 00C0: EA 78 67 A9 A5 AC D7 97 70 90 0C 98 84 4B 6D 58 .xg.....p....KmX 00D0: 8B AC BD 23 86 6F 94 6E 7F 44 0C 33 8A 23 A3 DF ...#.o.n.D.3.#.. 00E0: F6 39 5F 25 29 EA 7F 5B 37 40 42 61 71 16 03 23 .9_%)..[7@Baq..# 00F0: EC C5 46 6A AC 24 B8 86 E3 12 0A 4C 3C F5 CC C3 ..Fj.$.....L<... 0100: 74 0B B1 2F D5 B8 3E 2D 92 C4 CF 4E 1A 90 25 85 t../..>-...N..%. 0110: 85 E8 36 70 42 59 6A 20 FC 8C 09 CB FE 02 C5 58 ..6pBYj .......X 0120: 6B 79 0E 6D BA 60 17 CB F9 7C 8E FA A6 A0 21 06 ky.m.`........!. 0130: 61 10 B5 54 8F 34 F0 48 78 6F 67 55 31 06 AF 4F a..T.4.HxogU1..O 0140: DC C6 D5 F6 C5 89 7D F5 3B CC 88 A9 72 AC 21 B2 ........;...r.!. 0150: 74 DE 7E DB DA A3 A3 39 54 F4 BA B2 84 60 F2 C2 t......9T....`.. 0160: BF 3F 32 FF 02 75 FE B7 93 5B FE C7 71 8D 12 39 .?2..u...[..q..9 0170: F6 CC 4C 34 4F 9A FB 30 D9 CA 5D 05 FE 65 01 EB ..L4O..0..]..e.. 0180: 70 83 4A E6 62 C0 AF A6 B6 97 7D D4 F4 CE 64 F1 p.J.b.........d. 0190: D1 AF 31 1A FE 50 E0 7B 0F 1C F6 BD 15 3F 42 25 ..1..P.......?B% 01A0: CA 09 02 4E C3 28 72 B4 23 42 FC C3 54 63 70 62 ...N.(r.#B..Tcpb 01B0: 5C E5 73 C0 B7 4F 9F 7C 9D 0F E5 68 D0 B5 68 37 \.s..O.....h..h7 01C0: 65 07 85 D2 B7 6E E7 F2 F4 B3 46 98 B4 62 10 68 e....n....F..b.h 01D0: E9 86 6D 25 8A DF 09 8E D5 DF A3 86 E8 FB 85 A2 ..m%............ 01E0: 56 CF AF 71 C1 77 DA E3 3E 77 A9 DB B1 C2 CE 8F V..q.w..>w...... 01F0: 14 C2 3C AD 2A C4 69 F2 01 D0 61 0E 32 6B 4B 8D ..<.*.i...a.2kK. 0200: 8D 17 8A 91 60 1C EA 58 60 33 AB 83 16 29 7C 14 ....`..X`3...).. 0210: E5 A6 EA F4 60 93 49 C4 A9 EB FD 36 67 75 7F CD ....`.I....6gu.. 0220: 8E D9 16 25 7E B5 23 93 6A 27 16 BC F8 E4 B5 28 ...%..#.j'.....( 0230: 58 9F 6A 7B 87 C6 2B 96 CC A8 38 2E C8 E2 53 C8 X.j...+...8...S. 0240: E0 8F 80 E4 2A DB 16 78 AE E3 B8 5A 6F 5E 4C 90 ....*..x...Zo^L. 0250: 76 6C C9 04 5D 61 4B 0A 45 0F 86 78 38 9F 62 1D vl..]aK.E..x8.b. 0260: B6 04 23 0C 09 E0 A7 99 84 DA 86 54 6B 47 E8 23 ..#........TkG.# 0270: 11 C9 67 A5 D1 1D 13 8A 63 E6 FC F2 F7 E6 F7 15 ..g.....c....... 0280: E0 08 35 F1 4D 8B 69 AD E1 0B B0 E6 A8 54 A0 98 ..5.M.i......T.. 0290: 37 3F 0F 58 5F 98 4D 36 08 87 30 E1 D7 9A 05 2C 7?.X_.M6..0...., 02A0: D4 DF 08 42 46 E8 67 E6 5F DD 40 9D 5C 7B 4B 37 ...BF.g._.@.\.K7 02B0: 96 60 DB 34 CB C3 3C DA 2C 79 0E B5 BB .`.4..<.,y... Handling GET /api/json from 10.51.212.84 : RequestHandlerThread[#10], READ: TLSv1 Application Data, length = 701 Padded plaintext after DECRYPTION: len = 701 0000: 3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D 22 31 <?xml version="1 0010: 2E 30 22 20 65 6E 63 6F 64 69 6E 67 3D 22 55 54 .0" encoding="UT 0020: 46 2D 38 22 20 73 74 61 6E 64 61 6C 6F 6E 65 3D F-8" standalone= 0030: 22 79 65 73 22 3F 3E 3C 75 73 65 72 20 65 78 70 "yes"?><user exp 0040: 61 6E 64 3D 22 61 74 74 72 69 62 75 74 65 73 22 and="attributes" 0050: 20 6E 61 6D 65 3D 22 63 6E 69 74 72 6F 79 22 3E name="someuser"> 0060: 3C 6C 69 6E 6B 20 68 72 65 66 3D 22 68 74 74 70 <link href="http 0070: 73 3A 2F 2F 63 6F 6C 6C 65 63 74 69 76 65 2E 63 s://crowdserverive.c 0080: 76 73 2E 63 6F 6D 2F 63 72 6F 77 64 2F 72 65 73 vs.com/crowd/res 0090: 74 2F 75 73 65 72 6D 61 6E 61 67 65 6D 65 6E 74 t/usermanagement 00A0: 2F 31 2F 75 73 65 72 3F 75 73 65 72 6E 61 6D 65 /1/user?username 00B0: 3D 63 6E 69 74 72 6F 79 22 20 72 65 6C 3D 22 73 =someuser" rel="s 00C0: 65 6C 66 22 2F 3E 3C 66 69 72 73 74 2D 6E 61 6D elf"/><first-nam 00D0: 65 3E 43 6F 6C 65 6D 61 6E 3C 2F 66 69 72 73 74 e>Firensame</first 00E0: 2D 6E 61 6D 65 3E 3C 6C 61 73 74 2D 6E 61 6D 65 -name><last-name 00F0: 3E 4E 69 74 72 6F 79 3C 2F 6C 61 73 74 2D 6E 61 >Lastname</last-na 0100: 6D 65 3E 3C 64 69 73 70 6C 61 79 2D 6E 61 6D 65 me><display-name 0110: 3E 43 6F 6C 65 6D 61 6E 20 4E 69 74 72 6F 79 3C >Firensame Lastname< 0120: 2F 64 69 73 70 6C 61 79 2D 6E 61 6D 65 3E 3C 65 /display-name><e 0130: 6D 61 69 6C 3E 63 6E 69 74 72 6F 79 40 6D 65 2E mail>someuser@me. 0140: 63 6F 6D 3C 2F 65 6D 61 69 6C 3E 3C 70 61 73 73 com</email><pass 0150: 77 6F 72 64 3E 3C 6C 69 6E 6B 20 68 72 65 66 3D word><link href= 0160: 22 68 74 74 70 73 3A 2F 2F 63 6F 6C 6C 65 63 74 "https://crowdserver 0170: 69 76 65 2E 63 76 73 2E 63 6F 6D 2F 63 72 6F 77 ive.ourdomain.com/crow 0180: 64 2F 72 65 73 74 2F 75 73 65 72 6D 61 6E 61 67 d/rest/usermanag 0190: 65 6D 65 6E 74 2F 31 2F 75 73 65 72 2F 70 61 73 ement/1/user/pas 01A0: 73 77 6F 72 64 3F 75 73 65 72 6E 61 6D 65 3D 63 sword?username=c 01B0: 6E 69 74 72 6F 79 22 20 72 65 6C 3D 22 65 64 69 lastname" rel="edi 01C0: 74 22 2F 3E 3C 2F 70 61 73 73 77 6F 72 64 3E 3C t"/></password>< 01D0: 6B 65 79 3E 33 32 37 36 39 3A 32 32 32 62 61 64 key>32769:222bad 01E0: 66 64 2D 35 33 38 62 2D 34 37 30 33 2D 38 63 36 fd-538b-4703-8c6 01F0: 38 2D 63 39 36 31 35 31 61 61 64 64 65 36 3C 2F 8-c96151aadde6</ 0200: 6B 65 79 3E 3C 61 63 74 69 76 65 3E 74 72 75 65 key><active>true 0210: 3C 2F 61 63 74 69 76 65 3E 3C 61 74 74 72 69 62 </active><attrib 0220: 75 74 65 73 3E 3C 6C 69 6E 6B 20 68 72 65 66 3D utes><link href= 0230: 22 68 74 74 70 73 3A 2F 2F 63 6F 6C 6C 65 63 74 "https://crowdserver 0240: 69 76 65 2E 63 76 73 2E 63 6F 6D 2F 63 72 6F 77 ive.ourdomain.com/crow 0250: 64 2F 72 65 73 74 2F 75 73 65 72 6D 61 6E 61 67 d/rest/usermanag 0260: 65 6D 65 6E 74 2F 31 2F 75 73 65 72 2F 61 74 74 ement/1/user/att 0270: 72 69 62 75 74 65 3F 75 73 65 72 6E 61 6D 65 3D ribute?username= 0280: 63 6E 69 74 72 6F 79 22 20 72 65 6C 3D 22 73 65 someuser" rel="se 0290: 6C 66 22 2F 3E 3C 2F 61 74 74 72 69 62 75 74 65 lf"/></attribute 02A0: 73 3E 3C 2F 75 73 65 72 3E 7C BB DD D3 B6 E3 5E s></user>......^
Coleman
added a comment - - edited Requests to Crowd over and over for what appears to be every single request to Jenkins.
Messages like this thousands per second:
Padded plaintext before ENCRYPTION: len = 475
0000: 50 4F 53 54 20 2F 63 72 6F 77 64 2F 72 65 73 74 POST /crowd/ rest
0010: 2F 75 73 65 72 6D 61 6E 61 67 65 6D 65 6E 74 2F /usermanagement/
0020: 31 2F 61 75 74 68 65 6E 74 69 63 61 74 69 6F 6E 1/authentication
0030: 3F 75 73 65 72 6E 61 6D 65 3D 63 6E 69 74 72 6F ?username=cnitro
0040: 79 20 48 54 54 50 2F 31 2E 31 0D 0A 41 63 63 65 y HTTP/1.1..Acce
0050: 70 74 3A 20 61 70 70 6C 69 63 61 74 69 6F 6E 2F pt: application/
0060: 78 6D 6C 0D 0A 41 75 74 68 6F 72 69 7A 61 74 69 xml..Authorizati
0070: 6F 6E 3A 20 42 61 73 69 63 20 61 6D 56 75 61 32 on: Basic amVua2
0080: 6C 75 63 7A 70 71 4D 32 35 72 4D 57 35 7A 0D 0A luczpqM25rMW5z..
0090: 55 73 65 72 2D 41 67 65 6E 74 3A 20 4A 61 6B 61 User-Agent: Jaka
00A0: 72 74 61 20 43 6F 6D 6D 6F 6E 73 2D 48 74 74 70 rta Commons-Http
00B0: 43 6C 69 65 6E 74 2F 33 2E 31 0D 0A 48 6F 73 74 Client/3.1..Host
00C0: 3A 20 63 6F 6C 6C 65 63 74 69 76 65 2E 63 76 73 : crowdserverive.ourdomain
00D0: 2E 63 6F 6D 0D 0A 43 6F 6F 6B 69 65 3A 20 24 56 .com..Cookie: $V
00E0: 65 72 73 69 6F 6E 3D 30 3B 20 4A 53 45 53 53 49 ersion=0; JSESSI
00F0: 4F 4E 49 44 3D 33 38 31 42 36 46 37 32 35 36 45 ONID=381B6F7256E
0100: 30 31 44 39 39 45 32 36 42 39 43 43 45 46 37 41 01D99E26B9CCEF7A
0110: 44 38 33 41 41 3B 20 24 50 61 74 68 3D 2F 63 72 D83AA; $Path=/cr
0120: 6F 77 64 2F 0D 0A 43 6F 6E 74 65 6E 74 2D 4C 65 owd/..Content-Le
0130: 6E 67 74 68 3A 20 31 30 37 0D 0A 43 6F 6E 74 65 ngth: 107..Conte
0140: 6E 74 2D 54 79 70 65 3A 20 61 70 70 6C 69 63 61 nt-Type: applica
0150: 74 69 6F 6E 2F 78 6D 6C 0D 0A 0D 0A 3C 3F 78 6D tion/xml....<?xm
0160: 6C 20 76 65 72 73 69 6F 6E 3D 22 31 2E 30 22 20 l version= "1.0"
0170: 65 6E 63 6F 64 69 6E 67 3D 22 55 54 46 2D 38 22 encoding= "UTF-8"
0180: 20 73 74 61 6E 64 61 6C 6F 6E 65 3D 22 79 65 73 standalone="yes
0190: 22 3F 3E 0A 3C 70 61 73 73 77 6F 72 64 3E 0A 20 "?>.<password>.
01A0: 20 20 20 3C 76 61 6C 75 65 3E 54 33 63 68 6E 30 <value></value>.</pas
01C0: 73 77 6F 72 64 3E 0A 87 98 12 F9 03 12 FD D5 BA sword>..........
01D0: B0 68 08 45 EA B7 A0 03 2E E6 DC .h.E.......
Handling GET /api/json from 10.51.212.84 : RequestHandlerThread[#10], WRITE: TLSv1 Application Data, length = 475
[Raw write]: length = 480
0000: 17 03 01 01 DB 4D A2 4C 38 36 5D 44 B5 68 B2 B6 .....M.L86]D.h..
0010: 2E B6 29 3E 54 8C 74 FE A5 06 AC 45 E0 88 D6 41 ..)>T.t....E...A
0020: 44 00 54 18 7A 43 A9 AE CD D7 D2 7A 06 FF 8D C8 D.T.zC.....z....
0030: 97 93 59 39 D9 E7 2C 39 95 3F D4 F5 B4 3D 85 F3 ..Y9..,9.?...=..
0040: B5 52 CE D0 C4 4A B5 75 BE B2 FF C9 09 09 34 45 .R...J.u......4E
0050: FE B5 56 D9 C7 31 75 65 58 CA 6F 28 B3 35 E0 4E ..V..1ueX.o(.5.N
0060: 71 51 0A AA 4F 1D DC EC 54 35 87 86 D4 96 E6 4A qQ..O...T5.....J
0070: 20 0E 6B E0 BB 04 E8 B9 FB C2 DD 54 D0 F5 08 C4 .k........T....
0080: 7A 7C FE B7 D9 08 29 FF 2E 3A 26 4F 0B 7E 5C 21 z.....)..:&O..\!
0090: 69 58 2E AF 55 36 E4 41 B9 77 CD EC E9 F5 88 4D iX..U6.A.w.....M
00A0: 99 F9 67 BA 35 39 16 B1 C8 53 FB 8F 14 79 2C 4C ..g.59...S...y,L
00B0: 7E 37 4C 7E 0D 85 3D DB 99 E9 4D C3 F8 01 77 D1 .7L...=...M...w.
00C0: DC D8 40 27 EA F8 99 6C 09 93 BD 2A 6C 95 E8 1D ..@'...l...*l...
00D0: BE 0B 22 56 DD 11 BF 45 9D AF 03 2A BE 8E 11 95 .."V...E...*....
00E0: 8A 1D A1 AB 07 83 B1 B4 70 EC 32 78 75 96 12 80 ........p.2xu...
00F0: 6D 7B 5D 22 D3 7B CF 72 B1 26 E0 71 C3 A3 BF FF m.]"...r.&.q....
0100: 47 29 6A FB 0C CB 1F 76 06 8E B1 D6 AA 75 28 18 G)j....v.....u(.
0110: 70 F7 BF 1E E0 05 4C FB 22 27 2D 9A 9A BF F9 8B p.....L."'-.....
0120: 24 CD 98 4C F3 9E F9 CB D3 02 FD 4D 95 F1 56 98 $..L.......M..V.
0130: 92 D5 54 4E F8 E0 5D C5 EC 60 FE 9C 11 7A 27 B6 ..TN..]..`...z'.
0140: 3C B9 3D 98 6D A3 9D 69 93 5B DE 25 F7 C3 83 8D <.=.m..i.[.%....
0150: F0 9C F7 99 F4 48 A7 9B 38 B1 50 01 85 A5 36 8A .....H..8.P...6.
0160: 75 8C 0C C2 2C 75 66 BF 42 90 DD 63 66 67 F5 13 u...,uf.B..cfg..
0170: F3 E1 7E 09 2D C6 65 D7 CF BA C0 A0 0F 7B 2A 83 ....-.e.......*.
0180: 28 05 80 C7 9D 4F F9 EC CC FE 79 CB BF F3 CC 67 (....O....y....g
0190: 55 EE DC E0 CF 3C 85 3D 28 9A A3 7A A0 51 18 F6 U....<.=(..z.Q..
01A0: B8 82 FA 5E 46 76 FA 9F 07 5C 86 21 6A A5 CD 27 ...^Fv...\.!j..'
01B0: 1C 42 D6 98 A5 2F 48 D4 3D 44 E3 AF B3 0B 89 E3 .B.../H.=D......
01C0: 11 72 78 E4 6A 10 95 CF 60 84 CC 5E B0 8D 72 2A .rx.j...`..^..r*
01D0: 12 2C F3 A0 A9 8B 84 47 4B 2F C6 01 86 38 CF 2F .,.....GK/...8./
[Raw read]: length = 5
0000: 17 03 01 01 58 ....X
[Raw read]: length = 344
0000: 6F 58 E2 86 FC 0F 62 F1 A2 9C D0 52 D4 97 D9 66 oX....b....R...f
0010: 21 87 40 90 E7 0F DB 1D 60 37 D1 A5 86 3A 2F D9 !.@.....`7...:/.
0020: A2 DA F7 07 E2 4C A7 57 09 38 B5 DA BA E2 19 1C .....L.W.8......
0030: 7A 93 E0 E5 3C 11 6E 49 B0 EA CA AF D2 0E 56 A2 z...<.nI......V.
0040: 35 C5 9B D6 A2 07 53 3F 9C DA A1 14 81 5C E3 F5 5.....S?.....\..
0050: 6F 73 2B 45 03 3C 1E 3C A7 55 1D AC 87 41 D2 17 os+E.<.<.U...A..
0060: B8 95 33 92 34 5B CA 51 4F A3 98 C4 73 A6 E2 5A ..3.4[.QO...s..Z
0070: 7A 57 57 AF E5 14 FB F3 EE F0 D0 9C 76 A1 8B F1 zWW.........v...
0080: 0B 99 5B 46 BC 99 FD 18 CF DA 4C 86 1A EE 41 8E ..[F......L...A.
0090: A1 03 B6 C1 D7 66 02 BD D5 1D 5A 87 EC F7 81 A1 .....f....Z.....
00A0: 6C 8F F5 CB 43 C5 73 13 1A C9 27 22 64 EE E9 78 l...C.s...'"d..x
00B0: A9 32 41 06 46 8E 92 65 BB 74 1A 9C DD 32 AF 90 .2A.F..e.t...2..
00C0: E6 18 AC DC A5 2A CF 69 A6 AF E4 4E A3 7C DF 97 .....*.i...N....
00D0: D6 64 44 57 34 07 22 14 AB DB 5D 28 5A 28 AE 2D .dDW4."...](Z(.-
00E0: B7 13 B3 76 12 4A 70 88 F9 7D 14 D9 1C B1 26 21 ...v.Jp.......&!
00F0: D5 38 BA D5 54 FC 5D 6E 76 B3 EC E3 1B 5A CE 09 .8..T.]nv....Z..
0100: 07 F2 36 C6 8B E1 5F CB 0E 75 05 18 E7 47 C8 23 ..6..._..u...G.#
0110: F4 40 3B 4D EF C0 C3 1D C7 39 FF 59 80 06 5D 70 .@;M.....9.Y..]p
0120: 06 E8 39 DC 76 B5 CB 30 7E B2 95 9F A0 4B 64 CE ..9.v..0.....Kd.
0130: 78 B2 51 E9 18 07 A6 65 96 79 46 9D 2A D8 73 4F x.Q....e.yF.*.sO
0140: CF F2 44 BD 64 C5 D7 8B 02 07 99 01 C3 D8 8B BF ..D.d...........
0150: 2B B4 4F C7 DC E6 7B 49 +.O....I
Handling GET /api/json from 10.51.212.84 : RequestHandlerThread[#10], READ: TLSv1 Application Data, length = 344
Padded plaintext after DECRYPTION: len = 344
0000: 48 54 54 50 2F 31 2E 31 20 32 30 30 20 4F 4B 0D HTTP/1.1 200 OK.
0010: 0A 44 61 74 65 3A 20 4D 6F 6E 2C 20 32 30 20 4F .Date: Mon, 20 O
0020: 63 74 20 32 30 31 34 20 31 35 3A 35 36 3A 30 33 ct 2014 15:56:03
0030: 20 47 4D 54 0D 0A 53 65 72 76 65 72 3A 20 41 70 GMT..Server: Ap
0040: 61 63 68 65 2D 43 6F 79 6F 74 65 2F 31 2E 31 0D ache-Coyote/1.1.
0050: 0A 58 2D 45 6D 62 65 64 64 65 64 2D 43 72 6F 77 .X-Embedded-Crow
0060: 64 2D 56 65 72 73 69 6F 6E 3A 20 43 72 6F 77 64 d-Version: Crowd
0070: 2F 32 2E 37 2E 32 0D 0A 58 2D 43 72 6F 77 64 2D /2.7.2..X-Crowd-
0080: 55 73 65 72 2D 4D 61 6E 61 67 65 6D 65 6E 74 2D User-Management-
0090: 56 65 72 73 69 6F 6E 3A 20 31 2E 34 0D 0A 43 6F Version: 1.4..Co
00A0: 6E 74 65 6E 74 2D 54 79 70 65 3A 20 61 70 70 6C ntent-Type: appl
00B0: 69 63 61 74 69 6F 6E 2F 78 6D 6C 0D 0A 43 6F 6E ication/xml..Con
00C0: 74 65 6E 74 2D 4C 65 6E 67 74 68 3A 20 36 38 31 tent-Length: 681
00D0: 0D 0A 53 65 74 2D 43 6F 6F 6B 69 65 3A 20 4A 53 ..Set-Cookie: JS
00E0: 45 53 53 49 4F 4E 49 44 3D 39 30 34 34 35 43 41 ESSIONID=90445CA
00F0: 37 31 34 38 41 30 43 32 36 36 34 41 33 31 44 36 7148A0C2664A31D6
0100: 43 41 31 42 30 42 30 32 37 3B 20 50 61 74 68 3D CA1B0B027; Path=
0110: 2F 63 72 6F 77 64 2F 3B 20 53 65 63 75 72 65 3B /crowd/; Secure;
0120: 20 48 74 74 70 4F 6E 6C 79 0D 0A 56 61 72 79 3A HttpOnly..Vary:
0130: 20 41 63 63 65 70 74 2D 45 6E 63 6F 64 69 6E 67 Accept-Encoding
0140: 0D 0A 0D 0A 22 8F 91 3B D3 03 65 3E 86 CC D0 E7 ...."..;..e>....
0150: B7 08 BC DA F3 9F 19 CB ........
[Raw read]: length = 5
0000: 17 03 01 02 BD .....
[Raw read]: length = 701
0000: A5 DA 74 4D D4 F3 CF 71 65 22 2D B5 E8 1A 0C 84 ..tM...qe"-.....
0010: 3E 64 89 B0 42 7A 7D 93 49 71 BE 47 F3 F2 BB D2 >d..Bz..Iq.G....
0020: 36 3E DA 69 C3 9C 88 4E F8 15 B7 62 27 76 46 46 6>.i...N...b'vFF
0030: 39 83 68 ED 1D 45 CD C6 EB 90 A4 49 DC CB 67 E2 9.h..E.....I..g.
0040: F2 6E CE 14 54 E8 98 69 AB 87 E5 BF 3B B4 22 D2 .n..T..i....;.".
0050: 9B 02 2C DF 0F B4 D0 46 22 5B 39 A7 C1 CA F7 21 ..,....F"[9....!
0060: 1A 96 5A 34 25 D2 B7 DF 07 F6 DA A1 44 EC 3E 04 ..Z4%.......D.>.
0070: BE 1B F9 00 A4 B9 FA EF 20 DD 41 CB C4 D4 7E D7 ........ .A.....
0080: 7F 38 5D D7 84 FC 5E 52 04 CC 29 BE 6D CC 0C 6B .8]...^R..).m..k
0090: B8 B6 47 0E B3 0A 41 B7 AA 1D 7A 55 C0 B2 D1 9A ..G...A...zU....
00A0: D0 80 1A 77 06 BB DB 0D DD FE B2 E5 8E 79 35 B0 ...w.........y5.
00B0: 3E 6D F2 3F 4D 44 ED 0F 3E 52 10 58 F7 2A D9 5F >m.?MD..>R.X.*._
00C0: EA 78 67 A9 A5 AC D7 97 70 90 0C 98 84 4B 6D 58 .xg.....p....KmX
00D0: 8B AC BD 23 86 6F 94 6E 7F 44 0C 33 8A 23 A3 DF ...#.o.n.D.3.#..
00E0: F6 39 5F 25 29 EA 7F 5B 37 40 42 61 71 16 03 23 .9_%)..[7@Baq..#
00F0: EC C5 46 6A AC 24 B8 86 E3 12 0A 4C 3C F5 CC C3 ..Fj.$.....L<...
0100: 74 0B B1 2F D5 B8 3E 2D 92 C4 CF 4E 1A 90 25 85 t../..>-...N..%.
0110: 85 E8 36 70 42 59 6A 20 FC 8C 09 CB FE 02 C5 58 ..6pBYj .......X
0120: 6B 79 0E 6D BA 60 17 CB F9 7C 8E FA A6 A0 21 06 ky.m.`........!.
0130: 61 10 B5 54 8F 34 F0 48 78 6F 67 55 31 06 AF 4F a..T.4.HxogU1..O
0140: DC C6 D5 F6 C5 89 7D F5 3B CC 88 A9 72 AC 21 B2 ........;...r.!.
0150: 74 DE 7E DB DA A3 A3 39 54 F4 BA B2 84 60 F2 C2 t......9T....`..
0160: BF 3F 32 FF 02 75 FE B7 93 5B FE C7 71 8D 12 39 .?2..u...[..q..9
0170: F6 CC 4C 34 4F 9A FB 30 D9 CA 5D 05 FE 65 01 EB ..L4O..0..]..e..
0180: 70 83 4A E6 62 C0 AF A6 B6 97 7D D4 F4 CE 64 F1 p.J.b.........d.
0190: D1 AF 31 1A FE 50 E0 7B 0F 1C F6 BD 15 3F 42 25 ..1..P.......?B%
01A0: CA 09 02 4E C3 28 72 B4 23 42 FC C3 54 63 70 62 ...N.(r.#B..Tcpb
01B0: 5C E5 73 C0 B7 4F 9F 7C 9D 0F E5 68 D0 B5 68 37 \.s..O.....h..h7
01C0: 65 07 85 D2 B7 6E E7 F2 F4 B3 46 98 B4 62 10 68 e....n....F..b.h
01D0: E9 86 6D 25 8A DF 09 8E D5 DF A3 86 E8 FB 85 A2 ..m%............
01E0: 56 CF AF 71 C1 77 DA E3 3E 77 A9 DB B1 C2 CE 8F V..q.w..>w......
01F0: 14 C2 3C AD 2A C4 69 F2 01 D0 61 0E 32 6B 4B 8D ..<.*.i...a.2kK.
0200: 8D 17 8A 91 60 1C EA 58 60 33 AB 83 16 29 7C 14 ....`..X`3...)..
0210: E5 A6 EA F4 60 93 49 C4 A9 EB FD 36 67 75 7F CD ....`.I....6gu..
0220: 8E D9 16 25 7E B5 23 93 6A 27 16 BC F8 E4 B5 28 ...%..#.j'.....(
0230: 58 9F 6A 7B 87 C6 2B 96 CC A8 38 2E C8 E2 53 C8 X.j...+...8...S.
0240: E0 8F 80 E4 2A DB 16 78 AE E3 B8 5A 6F 5E 4C 90 ....*..x...Zo^L.
0250: 76 6C C9 04 5D 61 4B 0A 45 0F 86 78 38 9F 62 1D vl..]aK.E..x8.b.
0260: B6 04 23 0C 09 E0 A7 99 84 DA 86 54 6B 47 E8 23 ..#........TkG.#
0270: 11 C9 67 A5 D1 1D 13 8A 63 E6 FC F2 F7 E6 F7 15 ..g.....c.......
0280: E0 08 35 F1 4D 8B 69 AD E1 0B B0 E6 A8 54 A0 98 ..5.M.i......T..
0290: 37 3F 0F 58 5F 98 4D 36 08 87 30 E1 D7 9A 05 2C 7?.X_.M6..0....,
02A0: D4 DF 08 42 46 E8 67 E6 5F DD 40 9D 5C 7B 4B 37 ...BF.g._.@.\.K7
02B0: 96 60 DB 34 CB C3 3C DA 2C 79 0E B5 BB .`.4..<.,y...
Handling GET /api/json from 10.51.212.84 : RequestHandlerThread[#10], READ: TLSv1 Application Data, length = 701
Padded plaintext after DECRYPTION: len = 701
0000: 3C 3F 78 6D 6C 20 76 65 72 73 69 6F 6E 3D 22 31 <?xml version="1
0010: 2E 30 22 20 65 6E 63 6F 64 69 6E 67 3D 22 55 54 .0 " encoding=" UT
0020: 46 2D 38 22 20 73 74 61 6E 64 61 6C 6F 6E 65 3D F-8" standalone=
0030: 22 79 65 73 22 3F 3E 3C 75 73 65 72 20 65 78 70 "yes" ?><user exp
0040: 61 6E 64 3D 22 61 74 74 72 69 62 75 74 65 73 22 and= "attributes"
0050: 20 6E 61 6D 65 3D 22 63 6E 69 74 72 6F 79 22 3E name= "someuser" >
0060: 3C 6C 69 6E 6B 20 68 72 65 66 3D 22 68 74 74 70 <link href="http
0070: 73 3A 2F 2F 63 6F 6C 6C 65 63 74 69 76 65 2E 63 s: //crowdserverive.c
0080: 76 73 2E 63 6F 6D 2F 63 72 6F 77 64 2F 72 65 73 vs.com/crowd/res
0090: 74 2F 75 73 65 72 6D 61 6E 61 67 65 6D 65 6E 74 t/usermanagement
00A0: 2F 31 2F 75 73 65 72 3F 75 73 65 72 6E 61 6D 65 /1/user?username
00B0: 3D 63 6E 69 74 72 6F 79 22 20 72 65 6C 3D 22 73 =someuser " rel=" s
00C0: 65 6C 66 22 2F 3E 3C 66 69 72 73 74 2D 6E 61 6D elf"/><first-nam
00D0: 65 3E 43 6F 6C 65 6D 61 6E 3C 2F 66 69 72 73 74 e>Firensame</first
00E0: 2D 6E 61 6D 65 3E 3C 6C 61 73 74 2D 6E 61 6D 65 -name><last-name
00F0: 3E 4E 69 74 72 6F 79 3C 2F 6C 61 73 74 2D 6E 61 >Lastname</last-na
0100: 6D 65 3E 3C 64 69 73 70 6C 61 79 2D 6E 61 6D 65 me><display-name
0110: 3E 43 6F 6C 65 6D 61 6E 20 4E 69 74 72 6F 79 3C >Firensame Lastname<
0120: 2F 64 69 73 70 6C 61 79 2D 6E 61 6D 65 3E 3C 65 /display-name><e
0130: 6D 61 69 6C 3E 63 6E 69 74 72 6F 79 40 6D 65 2E mail>someuser@me.
0140: 63 6F 6D 3C 2F 65 6D 61 69 6C 3E 3C 70 61 73 73 com</email><pass
0150: 77 6F 72 64 3E 3C 6C 69 6E 6B 20 68 72 65 66 3D word><link href=
0160: 22 68 74 74 70 73 3A 2F 2F 63 6F 6C 6C 65 63 74 "https: //crowdserver
0170: 69 76 65 2E 63 76 73 2E 63 6F 6D 2F 63 72 6F 77 ive.ourdomain.com/crow
0180: 64 2F 72 65 73 74 2F 75 73 65 72 6D 61 6E 61 67 d/ rest /usermanag
0190: 65 6D 65 6E 74 2F 31 2F 75 73 65 72 2F 70 61 73 ement/1/user/pas
01A0: 73 77 6F 72 64 3F 75 73 65 72 6E 61 6D 65 3D 63 sword?username=c
01B0: 6E 69 74 72 6F 79 22 20 72 65 6C 3D 22 65 64 69 lastname " rel=" edi
01C0: 74 22 2F 3E 3C 2F 70 61 73 73 77 6F 72 64 3E 3C t"/></password><
01D0: 6B 65 79 3E 33 32 37 36 39 3A 32 32 32 62 61 64 key>32769:222bad
01E0: 66 64 2D 35 33 38 62 2D 34 37 30 33 2D 38 63 36 fd-538b-4703-8c6
01F0: 38 2D 63 39 36 31 35 31 61 61 64 64 65 36 3C 2F 8-c96151aadde6</
0200: 6B 65 79 3E 3C 61 63 74 69 76 65 3E 74 72 75 65 key><active> true
0210: 3C 2F 61 63 74 69 76 65 3E 3C 61 74 74 72 69 62 </active><attrib
0220: 75 74 65 73 3E 3C 6C 69 6E 6B 20 68 72 65 66 3D utes><link href=
0230: 22 68 74 74 70 73 3A 2F 2F 63 6F 6C 6C 65 63 74 "https: //crowdserver
0240: 69 76 65 2E 63 76 73 2E 63 6F 6D 2F 63 72 6F 77 ive.ourdomain.com/crow
0250: 64 2F 72 65 73 74 2F 75 73 65 72 6D 61 6E 61 67 d/ rest /usermanag
0260: 65 6D 65 6E 74 2F 31 2F 75 73 65 72 2F 61 74 74 ement/1/user/att
0270: 72 69 62 75 74 65 3F 75 73 65 72 6E 61 6D 65 3D ribute?username=
0280: 63 6E 69 74 72 6F 79 22 20 72 65 6C 3D 22 73 65 someuser " rel=" se
0290: 6C 66 22 2F 3E 3C 2F 61 74 74 72 69 62 75 74 65 lf"/></attribute
02A0: 73 3E 3C 2F 75 73 65 72 3E 7C BB DD D3 B6 E3 5E s></user>......^
Not at the moment. SSO is turned off. Group restriction is turned off. We only have a few users, and a cron job that hits the Jenkins API once every 5 minutes so the amount of traffic we are seeing from the plugin to the crowd server is not in line with how much use our Jenkins install gets.
Coleman
added a comment - - edited Not at the moment. SSO is turned off. Group restriction is turned off. We only have a few users, and a cron job that hits the Jenkins API once every 5 minutes so the amount of traffic we are seeing from the plugin to the crowd server is not in line with how much use our Jenkins install gets. The biggest issue we seem to be having is not the amount of request, but the fact that its not respecting the logging verbosity. With everything being forced set to warning, its still logging details that are understood to be under FINER.
These logs are not showing up in the Jenkins viewer, but are being written to disk.
Zane Pickett
added a comment - - edited The biggest issue we seem to be having is not the amount of request, but the fact that its not respecting the logging verbosity. With everything being forced set to warning, its still logging details that are understood to be under FINER.
These logs are not showing up in the Jenkins viewer, but are being written to disk. I'm afraid that somewhere hash method is not defined and it trigger some actions.
Could you point on code line or PR log level change?
Coleman
added a comment - Whoops my bad. Jenkins was started with: -Djavax.net.debug=all. Not a plugin issue at all.
Coleman
added a comment - Whoops my bad. Jenkins was started with: -Djavax.net.debug=all. Not a plugin issue at all. 
Scott Lipcon
added a comment - We seem to be seeing the same sort of behavior - 1-2k hits per minute on our crowd instance.
SSO is on, cookie domain matches between crowd & jenkins.
jenkins 1.574
crowd plugin 1.8
Atlassian Crowd 2.7.1
Scott Lipcon
added a comment - We seem to be seeing the same sort of behavior - 1-2k hits per minute on our crowd instance.
SSO is on, cookie domain matches between crowd & jenkins.
jenkins 1.574
crowd plugin 1.8
Atlassian Crowd 2.7.1
I found a very big performances issue when I upgrade one jenkins server to a LTS > 1.554
I think the new UI is doing more calls to the server. I can see many more requests from the jenkins server to crowd.
The problem is worst on one of my servers because it is far from the crowd server. It makes the UI unusable.
If I keep opened My jenkins homepage 1 minute, the jenkins server does ~1000 requests to crowd !!!!!!
there is clearly (at least) a cache issue. I need to investigate.
I started to work on a fix which integrates a cache mechanism like for LDAP. It already improved the performances on my useless (jenkins is usable) but seeing the code I need to work a little bit more on it to have really something efficient. integer if I propose a PR, are you interested to review it ?
Note : I think that the group restriction in useless and in the current release creates a lot of useless requests. It is better/safer to do this restriction on crowd side when your configure the application and which users can logon
Fixed in PR : https://github.com/jenkinsci/crowd2-plugin/pull/10
Activating caches even with a little TTL of 1 or 2 minutes makes Jenkins usable.
Here is a binary built from PR #10 for Jenkins+Crowd users who would like to give it a try
Niko Madalinski
added a comment - same issue here. it is critical for cpu load! No progress for now. "We" need to solve JENKINS-17957 and https://github.com/jenkinsci/crowd2-plugin/pull/9 before implementing the cache change. You can use the SNAPSHOT attached to the ticket as a workaround but it will probably not compatible with the next release thus for a future upgrade you'll have to reconfigure the plugin completely
Niko Madalinski
added a comment - every 5 seconds the same requests (round about 300requests)....is there really no fix?? it slows down crowd application with high cpu load
Niko Madalinski
added a comment - every 5 seconds the same requests (round about 300requests)....is there really no fix?? it slows down crowd application with high cpu load Just install the SNAPSHOT attached to the case and configure the cache. It's all what we have nikomad
There is sadly no active maintainer on this plugin
I rebased the PR on the change I did last time for JENKINS-27070 and I attached here a new snapshot of the plugin
Thomas Reith
added a comment - Hello Arnaud,
thx for your fix. It works like a charm. My crowd and jenkins were on very heavy load. Now it looks better 
Thomas
Thomas Reith
added a comment - Hello Arnaud,
thx for your fix. It works like a charm. My crowd and jenkins were on very heavy load . Now it looks better
Thomas
Removing the assignee according to https://groups.google.com/forum/#!topic/jenkinsci-dev/sFejhRvZiIM
Hi all,
version 2.0.0-beta1 has just been released and should be available soon in the Experimental Update Center.
Works on my machine™, but would be great if many of you could give it a try and check if it works as expected before the final release. Here's how to configure the Experimental Update Center https://jenkins.io/doc/developer/publishing/releasing-experimental-updates/
Somehow this is related to my newly opened issue
JENKINS-18253which I will close as a duplicate now.Anyway - this is a serious issue. We needed to switch the crowd2 plugin off since our Crowd server was not able to handle all the requests coming from Jenkins. Using tcpdump we measured up to 4000 requests per minute!!!