• Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Critical Critical
    • core
    •  JENKINS WAR VERSION 1.573
       WINDOWS SERVER 2008 R2 ENTERPRISE
       AMD OPTERON(TM) PROCESSOR 6136 2.4 GHZ (2 PROCESSORS)
       4.0 GB RAM
       64-BIT OPERATION SYSTEM
       WEBSPHERE APPLICATION SERVER 8.5.5

      When going to Manage Jenkins and clicking Prepare for Shutdown the /quietDown throws a HTTP 405 Method Not Allowed. I cannot find anything in any logs as to why.

          [JENKINS-23942] quietDown reports HTTP 405 Method Not Allowed

          Bruce Coveny added a comment -

          I understand that but I am obviously passing in the credentials much like that should be passed to the /quietDown URL when logged in from the screens. I feel this is the issue that the credentials are not properly supplied and generating the error HTTP 405 as well as the cli throwing the error thinking that I am anonymous which doesn't have the proper permissions where my username does have the proper permissions. With you saying this is working in 1.572 and 1.573 is your instance configured with security and the anonymous account not having the overall/administer permission? Can you try to change that and see if your errors like this?

          Bruce Coveny added a comment - I understand that but I am obviously passing in the credentials much like that should be passed to the /quietDown URL when logged in from the screens. I feel this is the issue that the credentials are not properly supplied and generating the error HTTP 405 as well as the cli throwing the error thinking that I am anonymous which doesn't have the proper permissions where my username does have the proper permissions. With you saying this is working in 1.572 and 1.573 is your instance configured with security and the anonymous account not having the overall/administer permission? Can you try to change that and see if your errors like this?

          Daniel Beck added a comment -

          CLI is a bit weird about argument order, so that could be the cause.

          Re the basic issue, I tried on both Jenkins 1.572 and 1.573 running on bundled Jetty and neither prevented /quietDown from working (even if accessing the URL directly). OTOH canceling it again does not work. 'Try POSTing instead' on the UI (and even that fails when CSRF crumbs are configured).

          Daniel Beck added a comment - CLI is a bit weird about argument order, so that could be the cause. Re the basic issue, I tried on both Jenkins 1.572 and 1.573 running on bundled Jetty and neither prevented /quietDown from working (even if accessing the URL directly). OTOH canceling it again does not work. 'Try POSTing instead' on the UI (and even that fails when CSRF crumbs are configured).

          Bruce Coveny added a comment -

          cli cancel-quiet-down security

          Bruce Coveny added a comment - cli cancel-quiet-down security

          Bruce Coveny added a comment - - edited

          So your testing on 1.572 and 1.573 was without security enabled?

          I gave anonymous Overall/Administer permission and the /quietDown still gives me HTTP 405 error. I then tried the cli again and the cli now works with quiet-down. The /cancelQuietDown gives me the HTTP 405 error as well. The cli for cancel-quiet-down works. I then took the security option for Overall/Adminsiter back away and the cancel-quiet-down fails. (Added image of this situation to request)

          Bruce Coveny added a comment - - edited So your testing on 1.572 and 1.573 was without security enabled? I gave anonymous Overall/Administer permission and the /quietDown still gives me HTTP 405 error. I then tried the cli again and the cli now works with quiet-down. The /cancelQuietDown gives me the HTTP 405 error as well. The cli for cancel-quiet-down works. I then took the security option for Overall/Adminsiter back away and the cancel-quiet-down fails. (Added image of this situation to request)

          Daniel Beck added a comment -

          Let's table the CLI issue for now. I can reproduce the issue and have a working hypothesis about the reason, will file this separately if I can get confirmation later today. Workaround: Use an SSH key for authentication.


          Re my testing: That was

          • via the GUI (both clicking the management link and navigating to /quietDown manually),
          • with security enabled,
          • CSRF crumb enabled/disabled did not make any difference,
          • anonymous having NO permissions,
          • on 1.572 and 1.573.
          • Jenkins running on CentOS, OpenJDK 7, embedded Jetty

          Should be easy enough to set up an ad-hoc Jenkins instance on a local desktop or so and use Jenkins internal user DB to test whether the issue occurs there as well. Don't have a Windows box right now to reproduce your setup (and no Websphere for that matter!)

          Daniel Beck added a comment - Let's table the CLI issue for now. I can reproduce the issue and have a working hypothesis about the reason, will file this separately if I can get confirmation later today. Workaround: Use an SSH key for authentication. Re my testing: That was via the GUI (both clicking the management link and navigating to /quietDown manually), with security enabled, CSRF crumb enabled/disabled did not make any difference, anonymous having NO permissions, on 1.572 and 1.573. Jenkins running on CentOS, OpenJDK 7, embedded Jetty Should be easy enough to set up an ad-hoc Jenkins instance on a local desktop or so and use Jenkins internal user DB to test whether the issue occurs there as well. Don't have a Windows box right now to reproduce your setup (and no Websphere for that matter!)

          Daniel Beck added a comment -

          FYI I filed the CLI issue as JENKINS-23988.

          Daniel Beck added a comment - FYI I filed the CLI issue as JENKINS-23988 .

          Code changed in jenkins
          User: Daniel Beck
          Path:
          core/src/main/java/hudson/model/ManagementLink.java
          core/src/main/java/jenkins/management/ShutdownLink.java
          core/src/main/resources/jenkins/model/Jenkins/manage.jelly
          core/src/main/resources/lib/form/link.jelly
          core/src/main/resources/lib/form/link/link.js
          core/src/main/resources/lib/hudson/queue.jelly
          http://jenkins-ci.org/commit/jenkins/fda84f456f4be4f48048970a6055399f17761ab0
          Log:
          Merge pull request #1306 from bkmeneguello/post-cancel-shutdown

          [FIXED JENKINS-23020 JENKINS-23942] Convert the queue's cancel shutdown to POST

          Compare: https://github.com/jenkinsci/jenkins/compare/2b6c00db3406...fda84f456f4b

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: core/src/main/java/hudson/model/ManagementLink.java core/src/main/java/jenkins/management/ShutdownLink.java core/src/main/resources/jenkins/model/Jenkins/manage.jelly core/src/main/resources/lib/form/link.jelly core/src/main/resources/lib/form/link/link.js core/src/main/resources/lib/hudson/queue.jelly http://jenkins-ci.org/commit/jenkins/fda84f456f4be4f48048970a6055399f17761ab0 Log: Merge pull request #1306 from bkmeneguello/post-cancel-shutdown [FIXED JENKINS-23020 JENKINS-23942] Convert the queue's cancel shutdown to POST Compare: https://github.com/jenkinsci/jenkins/compare/2b6c00db3406...fda84f456f4b

          Daniel Beck added a comment -

          Should be fixed in 1.584.

          Daniel Beck added a comment - Should be fixed in 1.584.

          Bruce Coveny added a comment -

          Tested in 1.585 works now.

          Bruce Coveny added a comment - Tested in 1.585 works now.

          Code changed in jenkins
          User: Daniel Beck
          Path:
          core/src/main/java/hudson/model/ManagementLink.java
          core/src/main/java/jenkins/management/ShutdownLink.java
          core/src/main/resources/jenkins/model/Jenkins/manage.jelly
          core/src/main/resources/lib/form/link.jelly
          core/src/main/resources/lib/form/link/link.js
          core/src/main/resources/lib/hudson/queue.jelly
          http://jenkins-ci.org/commit/jenkins/b73bb3d0af419dd653b743b4c0b8458c965396e1
          Log:
          Merge pull request #1306 from bkmeneguello/post-cancel-shutdown

          [FIXED JENKINS-23020 JENKINS-23942] Convert the queue's cancel shutdown to POST
          (cherry picked from commit fda84f456f4be4f48048970a6055399f17761ab0)

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: core/src/main/java/hudson/model/ManagementLink.java core/src/main/java/jenkins/management/ShutdownLink.java core/src/main/resources/jenkins/model/Jenkins/manage.jelly core/src/main/resources/lib/form/link.jelly core/src/main/resources/lib/form/link/link.js core/src/main/resources/lib/hudson/queue.jelly http://jenkins-ci.org/commit/jenkins/b73bb3d0af419dd653b743b4c0b8458c965396e1 Log: Merge pull request #1306 from bkmeneguello/post-cancel-shutdown [FIXED JENKINS-23020 JENKINS-23942] Convert the queue's cancel shutdown to POST (cherry picked from commit fda84f456f4be4f48048970a6055399f17761ab0)

            Unassigned Unassigned
            bcoveny Bruce Coveny
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: