[JENKINS-53497] Jenkins redirecting from https to http

Type: Bug
Resolution: Duplicate
Priority: Major
Component/s: other
Labels:
None

Similar Issues:
Powered by SuggestiMate

Show

I'm using the latest Jenkins 2.141 docker image and have corrected configured https url in Jenkins->ConfigureSystem->JenkinsUrl property. Yet opening certain pages, redirects to `http` urls.

Related issue - https://issues.jenkins-ci.org/browse/JENKINS-10675

blocks

JENKINS-53434 Jenkins redirecting to http url even though jenkins_url is configured to be https

Open

Nitin Surana added a comment - 2018-09-10 17:32

Duplicate of https://issues.jenkins-ci.org/browse/JENKINS-53434

Nitin Surana added a comment - 2018-09-10 17:32 Duplicate of https://issues.jenkins-ci.org/browse/JENKINS-53434

Carlos Konstanski added a comment - 2019-04-15 17:22

I came here to report this issue and found this one already reported. I have more information to add.

For quite some time I ran haproxy -> jenkins and that worked well. SSL was being terminated at haproxy. I did not get the https URLs being 302'd to http. But I recently added apached in front of the pipeline, e.g. apache -> haproxy -> jenkins. Now SSL is being terminated at apache. And now I am seeing the issue where https is being rewritten to http.

Redirecting port 80 to 443 at apache is not an option. As I read through other issues, I see that thr are plenty that speak of dwindling support for port 80 in corporate network environments. My work environment is no exception. If I open port 80, I'll get angry emails.

A webapp like jenkins needs to honor whatever infrastructure is placed upstream from it. Please do not rewrite URLs. You cannot know what operators must do to make things work in their environments, and it's not your job to have an opinion on it.

Sample login (redacted):

POST /j_acegi_security_check HTTP/1.1
Host: localhost:8001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,de;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Referer: https://openbook-jenkins-master.meter.vzwops.com/login?from=%2Fview%2Fopenbook%2F
Content-Type: application/x-www-form-urlencoded
DNT: 1
Cookie: iconSize=16x16; jenkins-timestamper-offset=21600000; screenResolution=1440x900; JSESSIONID.a5761e5e=node0yhyguo9gmmz87vd5k02jlntr130.node0; JSESSIONID.bab614ae=node011mhw1v72qpxezxrvpnfa4bvw1.node0; JSESSIONID.6cca6ef5=node01of5t1znyg5421ape7vtgvhqe91.node0; JSESSIONID.21329fb7=node0vutsioe817odznpys8dxcm8t15.node0; JSESSIONID.a569f2e9=node01rwntrdy6tc9y14owwu2r31nyp32.node0
Upgrade-Insecure-Requests: 1
X-Forwarded-For: 10.134.9.171
X-Forwarded-Host: openbook-jenkins-master.meter.vzwops.com
X-Forwarded-Server: openbook-jenkins-master.meter.vzwops.com
Content-Length: 80
X-Forwarded-For: 127.0.0.1

j_username=myuser&j_password=mypass&from=%2Fview%2Fopenbook%2F&Submit=Sign+inHTTP/1.1 302 Found
Date: Mon, 15 Apr 2019 16:28:37 GMT
Server: Jetty(9.4.z-SNAPSHOT)
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://openbook-jenkins-master.meter.vzwops.com/view/openbook/
Content-Length: 0
Set-Cookie: JSESSIONID.a569f2e9=node0uzw79gyq1ofws8ulrlwztuyz33.node0;Path=/;HttpOnly

Carlos Konstanski added a comment - 2019-04-15 17:22 I came here to report this issue and found this one already reported. I have more information to add. For quite some time I ran haproxy -> jenkins and that worked well. SSL was being terminated at haproxy. I did not get the https URLs being 302'd to http. But I recently added apached in front of the pipeline, e.g. apache -> haproxy -> jenkins. Now SSL is being terminated at apache. And now I am seeing the issue where https is being rewritten to http. Redirecting port 80 to 443 at apache is not an option. As I read through other issues, I see that thr are plenty that speak of dwindling support for port 80 in corporate network environments. My work environment is no exception. If I open port 80, I'll get angry emails. A webapp like jenkins needs to honor whatever infrastructure is placed upstream from it. Please do not rewrite URLs. You cannot know what operators must do to make things work in their environments, and it's not your job to have an opinion on it. Sample login (redacted): POST /j_acegi_security_check HTTP/1.1 Host: localhost:8001 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9, / ;q=0.8 Accept-Language: en-US,de;q=0.7,en;q=0.3 Accept-Encoding: gzip, deflate, br Referer: https://openbook-jenkins-master.meter.vzwops.com/login?from=%2Fview%2Fopenbook%2F Content-Type: application/x-www-form-urlencoded DNT: 1 Cookie: iconSize=16x16; jenkins-timestamper-offset=21600000; screenResolution=1440x900; JSESSIONID.a5761e5e=node0yhyguo9gmmz87vd5k02jlntr130.node0; JSESSIONID.bab614ae=node011mhw1v72qpxezxrvpnfa4bvw1.node0; JSESSIONID.6cca6ef5=node01of5t1znyg5421ape7vtgvhqe91.node0; JSESSIONID.21329fb7=node0vutsioe817odznpys8dxcm8t15.node0; JSESSIONID.a569f2e9=node01rwntrdy6tc9y14owwu2r31nyp32.node0 Upgrade-Insecure-Requests: 1 X-Forwarded-For: 10.134.9.171 X-Forwarded-Host: openbook-jenkins-master.meter.vzwops.com X-Forwarded-Server: openbook-jenkins-master.meter.vzwops.com Content-Length: 80 X-Forwarded-For: 127.0.0.1 j_username=myuser&j_password=mypass&from=%2Fview%2Fopenbook%2F&Submit=Sign+inHTTP/1.1 302 Found Date: Mon, 15 Apr 2019 16:28:37 GMT Server: Jetty(9.4.z-SNAPSHOT) X-Content-Type-Options: nosniff Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: http://openbook-jenkins-master.meter.vzwops.com/view/openbook/ Content-Length: 0 Set-Cookie: JSESSIONID.a569f2e9=node0uzw79gyq1ofws8ulrlwztuyz33.node0;Path=/;HttpOnly

Manikantareddy Buchi added a comment - 2021-10-28 01:21

I am still seeing this issue.

Manikantareddy Buchi added a comment - 2021-10-28 01:21 I am still seeing this issue.

Jenkins

Details

Description

Attachments

Issue Links

Activity

Collapse comment: Nitin Surana added a comment - 2018-09-10 17:32

Expand comment: Nitin Surana added a comment - 2018-09-10 17:32

Collapse comment: Carlos Konstanski added a comment - 2019-04-15 17:22

Expand comment: Carlos Konstanski added a comment - 2019-04-15 17:22

Collapse comment: Manikantareddy Buchi added a comment - 2021-10-28 01:21

Expand comment: Manikantareddy Buchi added a comment - 2021-10-28 01:21

People

Dates