Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-64933

Configure Systems - Apply and Save not working with tomcat

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Blocker
    • Resolution: Unresolved
    • Component/s: core
    • Environment:
      Jenkins version is 2.263.1-LTS
      Java Version - openjdk version "1.8.0_275"
      OS - CentOS -8.2
      Apache-tomcat-9.0.30
      Reverse proxy running in-front of Jenkins.
    • Similar Issues:

      Description

       Under Manage Jenkins --> Configure Systems section, if i click apply or save button it shows below error on browser(Firefox, Chrome). I cannot Apply (Or) Save any configuration due to below errors.

      HTTP Status 403 – Forbidden

      Type Status Report

      Message No valid crumb was included in the request

      Description The server understood the request but refuses to authorize it. Apache Tomcat/9.0.30

       Do i need to add any additional configuration in my tomcat side? Please let me know.

       

        Attachments

        1. 1.png
          1.png
          4 kB
        2. 2.png
          2.png
          9 kB

          Activity

          Hide
          smohan08 Mohan added a comment - - edited

          Tested with Jenkins - 2.235.5-LTS and with same version of apache-tomcat-9.0.43 here there is no issue.

          Show
          smohan08 Mohan added a comment - - edited Tested with Jenkins - 2.235.5-LTS and with same version of apache-tomcat-9.0.43 here there is no issue.
          Hide
          smohan08 Mohan added a comment - - edited

          We have been running our jenkins under tomcat for last 10 years until we upgrade our jenkins from 2.235.5 (LTS) to 2.263.1-LTS we had no issue.

          Sure we will consider to move out of tomcat.

          Nginx reverse proxy side seems no issues, because i have tested without nginx reverse proxy even in that too facing same problem.

          it looks CSRF is causing issue with tomcat. still digging. hopefully will sorted out.

           

          Show
          smohan08 Mohan added a comment - - edited We have been running our jenkins under tomcat for last 10 years until we upgrade our jenkins from 2.235.5 (LTS) to 2.263.1-LTS we had no issue. Sure we will consider to move out of tomcat. Nginx reverse proxy side seems no issues, because i have tested without nginx reverse proxy even in that too facing same problem. it looks CSRF is causing issue with tomcat. still digging. hopefully will sorted out.  
          Hide
          markewaite Mark Waite added a comment -

          My best suggestion is to not try to run Jenkins under tomcat. Run it as a separate application so that you don't need to wrestle with Tomcat configuration.

          If you need a reverse proxy between the user and Jenkins, consider nginx, Apache, HAProxy, or Squid as described in reverse proxy configuration.

          Show
          markewaite Mark Waite added a comment - My best suggestion is to not try to run Jenkins under tomcat. Run it as a separate application so that you don't need to wrestle with Tomcat configuration. If you need a reverse proxy between the user and Jenkins, consider nginx, Apache, HAProxy, or Squid as described in reverse proxy configuration .
          Hide
          smohan08 Mohan added a comment -

          Any help would be much appreciated

          Show
          smohan08 Mohan added a comment - Any help would be much appreciated
          Hide
          smohan08 Mohan added a comment - - edited

          Even tried by addeding below in /apache-tomcat-9.0.43/conf/tomcat-users.xml file, however still same issue.

           

          <?xml version='1.0' encoding='utf-8'?>
          <tomcat-users>
              <role rolename="manager-gui"/>
              <role rolename="manager-script"/>
              <role rolename="manager-jmx"/>
              <role rolename="manager-status"/>
              <role rolename="admin-gui"/>
              <role rolename="admin-script"/>
              <user username="user" password="password" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>
          </tomcat-users>
          

           

           

          Show
          smohan08 Mohan added a comment - - edited Even tried by addeding below in /apache-tomcat-9.0.43/conf/tomcat-users.xml file, however still same issue.   <?xml version= '1.0' encoding= 'utf-8' ?> <tomcat-users>     <role rolename= "manager-gui" />     <role rolename= "manager-script" />     <role rolename= "manager-jmx" />     <role rolename= "manager-status" />     <role rolename= "admin-gui" />     <role rolename= "admin-script" />     <user username= "user" password= "password" roles= "manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script" /> </tomcat-users>    

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            smohan08 Mohan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: