Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-53497

Jenkins redirecting from https to http

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Duplicate
    • Component/s: other
    • Labels:
      None
    • Similar Issues:

      Description

      I'm using the latest Jenkins 2.141 docker image and have corrected configured https url in Jenkins->ConfigureSystem->JenkinsUrl property. Yet opening certain pages, redirects to `http` urls.

      Related issue - https://issues.jenkins-ci.org/browse/JENKINS-10675

        Attachments

          Issue Links

            Activity

            Hide
            nsurana Nitin Surana added a comment -
            Show
            nsurana Nitin Surana added a comment - Duplicate of https://issues.jenkins-ci.org/browse/JENKINS-53434  
            Hide
            ckonstanski Carlos Konstanski added a comment -

            I came here to report this issue and found this one already reported. I have more information to add.

            For quite some time I ran haproxy -> jenkins and that worked well. SSL was being terminated at haproxy. I did not get the https URLs being 302'd to http. But I recently added apached in front of the pipeline, e.g. apache -> haproxy -> jenkins. Now SSL is being terminated at apache. And now I am seeing the issue where https is being rewritten to http.

            Redirecting port 80 to 443 at apache is not an option. As I read through other issues, I see that thr are plenty  that speak of dwindling support for port 80 in corporate network environments. My work environment is no exception. If I open port 80, I'll get angry emails.

            A webapp like jenkins needs to honor whatever infrastructure is placed upstream from it. Please do not rewrite URLs. You cannot know what operators must do to make things work in their environments, and it's not your job to have an opinion on it.

            Sample login (redacted):

            POST /j_acegi_security_check HTTP/1.1
            Host: localhost:8001
            User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0
            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
            Accept-Language: en-US,de;q=0.7,en;q=0.3
            Accept-Encoding: gzip, deflate, br
            Referer: https://openbook-jenkins-master.meter.vzwops.com/login?from=%2Fview%2Fopenbook%2F
            Content-Type: application/x-www-form-urlencoded
            DNT: 1
            Cookie: iconSize=16x16; jenkins-timestamper-offset=21600000; screenResolution=1440x900; JSESSIONID.a5761e5e=node0yhyguo9gmmz87vd5k02jlntr130.node0; JSESSIONID.bab614ae=node011mhw1v72qpxezxrvpnfa4bvw1.node0; JSESSIONID.6cca6ef5=node01of5t1znyg5421ape7vtgvhqe91.node0; JSESSIONID.21329fb7=node0vutsioe817odznpys8dxcm8t15.node0; JSESSIONID.a569f2e9=node01rwntrdy6tc9y14owwu2r31nyp32.node0
            Upgrade-Insecure-Requests: 1
            X-Forwarded-For: 10.134.9.171
            X-Forwarded-Host: openbook-jenkins-master.meter.vzwops.com
            X-Forwarded-Server: openbook-jenkins-master.meter.vzwops.com
            Content-Length: 80
            X-Forwarded-For: 127.0.0.1

            j_username=myuser&j_password=mypass&from=%2Fview%2Fopenbook%2F&Submit=Sign+inHTTP/1.1 302 Found
            Date: Mon, 15 Apr 2019 16:28:37 GMT
            Server: Jetty(9.4.z-SNAPSHOT)
            X-Content-Type-Options: nosniff
            Expires: Thu, 01 Jan 1970 00:00:00 GMT
            Location: http://openbook-jenkins-master.meter.vzwops.com/view/openbook/
            Content-Length: 0
            Set-Cookie: JSESSIONID.a569f2e9=node0uzw79gyq1ofws8ulrlwztuyz33.node0;Path=/;HttpOnly

            Show
            ckonstanski Carlos Konstanski added a comment - I came here to report this issue and found this one already reported. I have more information to add. For quite some time I ran haproxy -> jenkins and that worked well. SSL was being terminated at haproxy. I did not get the https URLs being 302'd to http. But I recently added apached in front of the pipeline, e.g. apache -> haproxy -> jenkins. Now SSL is being terminated at apache. And now I am seeing the issue where https is being rewritten to http. Redirecting port 80 to 443 at apache is not an option. As I read through other issues, I see that thr are plenty  that speak of dwindling support for port 80 in corporate network environments. My work environment is no exception. If I open port 80, I'll get angry emails. A webapp like jenkins needs to honor whatever infrastructure is placed upstream from it. Please do not rewrite URLs. You cannot know what operators must do to make things work in their environments, and it's not your job to have an opinion on it. Sample login (redacted): POST /j_acegi_security_check HTTP/1.1 Host: localhost:8001 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9, / ;q=0.8 Accept-Language: en-US,de;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate, br Referer: https://openbook-jenkins-master.meter.vzwops.com/login?from=%2Fview%2Fopenbook%2F Content-Type: application/x-www-form-urlencoded DNT: 1 Cookie: iconSize=16x16; jenkins-timestamper-offset=21600000; screenResolution=1440x900; JSESSIONID.a5761e5e=node0yhyguo9gmmz87vd5k02jlntr130.node0; JSESSIONID.bab614ae=node011mhw1v72qpxezxrvpnfa4bvw1.node0; JSESSIONID.6cca6ef5=node01of5t1znyg5421ape7vtgvhqe91.node0; JSESSIONID.21329fb7=node0vutsioe817odznpys8dxcm8t15.node0; JSESSIONID.a569f2e9=node01rwntrdy6tc9y14owwu2r31nyp32.node0 Upgrade-Insecure-Requests: 1 X-Forwarded-For: 10.134.9.171 X-Forwarded-Host: openbook-jenkins-master.meter.vzwops.com X-Forwarded-Server: openbook-jenkins-master.meter.vzwops.com Content-Length: 80 X-Forwarded-For: 127.0.0.1 j_username=myuser&j_password=mypass&from=%2Fview%2Fopenbook%2F&Submit=Sign+inHTTP/1.1 302 Found Date: Mon, 15 Apr 2019 16:28:37 GMT Server: Jetty(9.4.z-SNAPSHOT) X-Content-Type-Options: nosniff Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: http://openbook-jenkins-master.meter.vzwops.com/view/openbook/ Content-Length: 0 Set-Cookie: JSESSIONID.a569f2e9=node0uzw79gyq1ofws8ulrlwztuyz33.node0;Path=/;HttpOnly

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              nsurana Nitin Surana
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: