[JENKINS-64933] Configure Systems - Apply and Save not working with tomcat - Jenkins Jira

XML

Word

Printable

Details

Type: Bug
Status: Open (View Workflow)
Priority: Blocker
Resolution: Unresolved
Component/s: core
Labels:
- 403
- configuration
- crumb
- csrf
- jenkins
- tomcat
Environment:
Jenkins version is 2.263.1-LTS
Java Version - openjdk version "1.8.0_275"
OS - CentOS -8.2
Apache-tomcat-9.0.30
Reverse proxy running in-front of Jenkins.

Similar Issues:

Show

Description

Under Manage Jenkins --> Configure Systems section, if i click apply or save button it shows below error on browser(Firefox, Chrome). I cannot Apply (Or) Save any configuration due to below errors.

HTTP Status 403 – Forbidden

Type Status Report

Message No valid crumb was included in the request

Description The server understood the request but refuses to authorize it. Apache Tomcat/9.0.30

Do i need to add any additional configuration in my tomcat side? Please let me know.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

1.png
2021-02-28 11:52
4 kB
Mohan
2.png
2021-03-02 07:36
9 kB
Mohan

Activity

Ascending order - Click to sort in descending order

View 7 older comments

Mohan added a comment - 2021-03-04 03:48 - edited

We have been running our jenkins under tomcat for last 10 years until we upgrade our jenkins from 2.235.5 (LTS) to 2.263.1-LTS we had no issue.

Sure we will consider to move out of tomcat.

Nginx reverse proxy side seems no issues, because i have tested without nginx reverse proxy even in that too facing same problem.

it looks CSRF is causing issue with tomcat. still digging. hopefully will sorted out.

Mohan added a comment - 2021-03-04 03:48 - edited We have been running our jenkins under tomcat for last 10 years until we upgrade our jenkins from 2.235.5 (LTS) to 2.263.1-LTS we had no issue. Sure we will consider to move out of tomcat. Nginx reverse proxy side seems no issues, because i have tested without nginx reverse proxy even in that too facing same problem. it looks CSRF is causing issue with tomcat. still digging. hopefully will sorted out.

Mohan added a comment - 2021-03-04 04:34 - edited

Tested with Jenkins - 2.235.5-LTS and with same version of apache-tomcat-9.0.43 here there is no issue.

Mohan added a comment - 2021-03-04 04:34 - edited Tested with Jenkins - 2.235.5-LTS and with same version of apache-tomcat-9.0.43 here there is no issue.

Suresh Dega added a comment - 2022-07-31 10:15

Hi Mohan,

Is this issue is resolved..? Please let me know what is the fix for this...?I'm facing same issue. It will great helpfull if you provide the solution..

Suresh Dega added a comment - 2022-07-31 10:15 Hi Mohan, Is this issue is resolved..? Please let me know what is the fix for this...?I'm facing same issue. It will great helpfull if you provide the solution..

Deepa TP added a comment - 2022-09-15 11:50

Hi Mohan,

Is this issue resolved? if yes, please provide the solution. even am facing the same issue. It is taking lots of time to fix and am not understanding the root cause for this. This has been a blocker in the production environment,

Deepa TP added a comment - 2022-09-15 11:50 Hi Mohan, Is this issue resolved? if yes, please provide the solution. even am facing the same issue. It is taking lots of time to fix and am not understanding the root cause for this. This has been a blocker in the production environment,

Mohan added a comment - 2022-09-18 04:59

Hi Suresh & Deepa, I have solved my problem by moving my Jenkins outside of Apache.

Mohan added a comment - 2022-09-18 04:59 Hi Suresh & Deepa, I have solved my problem by moving my Jenkins outside of Apache.

People

Assignee:: Unassigned

Reporter:: Mohan

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2021-02-24 06:02

Updated:: 2022-09-18 04:59