Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-20248

OpenID Plugin redirects REST API requests also

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Component/s: openid-plugin
    • Labels:
      None
    • Environment:
      Windows. Java 1.7. SSL-only.
    • Similar Issues:

      Description

      As far as I can tell, the OpenID plugin prevents use of the REST API, even for its most obvious use to trigger build. A GET of a URL:

      https://username:apikey@jenkinshostname.domain.com/job/JobName/config.xml

      gets redirected for OpenID auth, which a REST API consumer, having provided an API key, does not expect to have to deal with.

      Is this broken? Workaround? Fix?

        Attachments

          Activity

          Hide
          amatheny Andrew Matheny added a comment -

          I'm also having the same issue.

          I've tried

          curl -uUSER:TOKEN https://hostname/jenkins/view/Active/api/json?token=TOKEN
          

          but it returns a 403 with a redirect to /jenkins/securityRealm/commenceLogin.

          Show
          amatheny Andrew Matheny added a comment - I'm also having the same issue. I've tried curl -uUSER:TOKEN https: //hostname/jenkins/view/Active/api/json?token=TOKEN but it returns a 403 with a redirect to /jenkins/securityRealm/commenceLogin.
          Hide
          mrpsycho Yar n added a comment -

          so old bug and no activity? (((( sucks(((

          Show
          mrpsycho Yar n added a comment - so old bug and no activity? (((( sucks(((
          Hide
          mattrusselluk MattRussellUK added a comment -

          I had this issue, hope this might help someone else: in my case, it was the reverse-proxy stripping out the auth header before reaching Jenkins (we had "RequestHeader unset Authorization" in our Apache config for some reason). It works fine now.

          Show
          mattrusselluk MattRussellUK added a comment - I had this issue, hope this might help someone else: in my case, it was the reverse-proxy stripping out the auth header before reaching Jenkins (we had "RequestHeader unset Authorization" in our Apache config for some reason). It works fine now.

            People

            Assignee:
            kohsuke Kohsuke Kawaguchi
            Reporter:
            kylecordes kylecordes
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated: