Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-64933

Configure Systems - Apply and Save not working with tomcat

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Blocker
    • Resolution: Unresolved
    • Component/s: core
    • Environment:
      Jenkins version is 2.263.1-LTS
      Java Version - openjdk version "1.8.0_275"
      OS - CentOS -8.2
      Apache-tomcat-9.0.30
      Reverse proxy running in-front of Jenkins.
    • Similar Issues:

      Description

       Under Manage Jenkins --> Configure Systems section, if i click apply or save button it shows below error on browser(Firefox, Chrome). I cannot Apply (Or) Save any configuration due to below errors.

      HTTP Status 403 – Forbidden

      Type Status Report

      Message No valid crumb was included in the request

      Description The server understood the request but refuses to authorize it. Apache Tomcat/9.0.30

       Do i need to add any additional configuration in my tomcat side? Please let me know.

       

        Attachments

        1. 1.png
          1.png
          4 kB
        2. 2.png
          2.png
          9 kB

          Activity

          smohan08 Mohan created issue -
          smohan08 Mohan made changes -
          Field Original Value New Value
          Summary Jenkins with some of the latest version of plugins Configure Systems - Apply and Save not working With latest version of plugins Configure Systems - Apply and Save not working
          smohan08 Mohan made changes -
          Comment [ Below plugins were upgraded, after this Apply & Save fails.
          {code:java}
          Active Choices
          AnsiColor
          Apache HttpComponents Client 4.x API
          Bootstrap 4 API
          Plugin Utilities API
          Checks API
          ClearCase
          Credentials
          Docker
          Pipeline: Model API
          Pipeline: Declarative Extension Points API
          Pipeline: Stage Tags Metadata
          Pipeline: Declarative
          Docker Pipeline
          ECharts API
          Token Macro
          Email Extension
          Font Awesome API
          Git client
          Script Security
          Git
          Git client
          GitHub
          GitHub API
          Jackson 2 API
          Java JSON Web Token (JJWT)
          GitHub Branch Source
          Google OAuth Credentials
          Jackson 2 API
          JaCoCo
          JUnit
          Kubernetes Credentials
          Structs
          Variant
          Kubernetes Client API
          Pipeline: API
          Pipeline: Groovy
          Kubernetes
          Kubernetes CLI
          Kubernetes Client API
          Kubernetes Credentials
          Log CLI
          Matrix Authorization Strategy
          Metrics
          Oracle Java SE Development Kit Installer
          P4
          Pipeline: API
          Pipeline: Declarative
          Pipeline: Declarative Extension Points API
          Pipeline: Groovy
          Pipeline: Milestone Step
          Pipeline: Model API
          Pipeline: SCM Step
          Pipeline: Shared Groovy Libraries
          Pipeline: Stage Tags Metadata
          Plugin Utilities API
          Popper.js API
          Resource Disposer
          Script Security
          SSH Agent
          SSH Build Agents
          Structs
          Subversion
          Token Macro
          Variant
          Workspace Cleanup

          {code}
            ]
          smohan08 Mohan made changes -
          Description After few plugins upgrade to latest versions, Under {{Manage Jenkins}} --> {{Configure Systems}} section, if i click {{save}} button it shows below error on browser. I cannot {{Apply}} (Or) {{Save}} any configuration.
          {quote}{color:#FF0000}HTTP Status 403 – Forbidden{color}

          {color:#FF0000}Type Status Report{color}

          {color:#FF0000}Message No valid crumb was included in the request{color}

          {color:#FF0000}Description The server understood the request but refuses to authorize it. Apache Tomcat/9.0.30{color}
          {quote}
          {color:#172b4d}Have verified with old version plugins and upgraded(Latest version plugins).{color}

          +{color:#172b4d}*With the below listed OLD Plugins - (Working)*{color}+

          {color:#403294}Build Timestamp Plugin (build-timestamp): 1.0.3{color}
          {color:#403294}Google OAuth Credentials plugin (google-oauth-plugin): 1.0.2{color}
          {color:#403294}Publish Over SSH (publish-over-ssh): 1.22{color}
          {color:#403294}Build Timeout (build-timeout): 1.20{color}
          {color:#403294}JQuery3 API Plugin (jquery3-api): 3.5.1-2{color}
          {color:#403294}Structs Plugin (structs): 1.20{color}
          {color:#403294}Pipeline: Milestone Step (pipeline-milestone-step): 1.3.1{color}
          {color:#403294}Folders Plugin (cloudbees-folder): 6.15{color}
          {color:#403294}Gerrit Trigger (gerrit-trigger): 2.32.0{color}
          {color:#403294}Workspace Cleanup Plugin (ws-cleanup): 0.38{color}
          {color:#403294}Script Security Plugin (script-security): 1.75{color}
          {color:#403294}Lockable Resources plugin (lockable-resources): 2.10{color}
          {color:#403294}Rebuilder (rebuild): 1.31{color}
          {color:#403294}Pipeline: Step API (workflow-step-api): 2.23{color}
          {color:#403294}Display URL API (display-url-api): 2.3.4{color}
          {color:#403294}JSch dependency plugin (jsch): 0.1.55.2{color}
          {color:#403294}GitHub plugin (github): 1.32.0{color}
          {color:#403294}Pipeline: Groovy (workflow-cps): 2.87{color}
          {color:#403294}Pipeline: Model API (pipeline-model-api): 1.7.2{color}
          {color:#403294}JavaScript GUI Lib: ACE Editor bundle plugin (ace-editor): 1.1{color}
          {color:#403294}Job/Queue/Slaves Monitoring Plugin (jqs-monitoring): 1.4{color}
          {color:#403294}Apache HttpComponents Client 4.x API Plugin (apache-httpcomponents-client-4-api): 4.5.10-2.0{color}
          {color:#403294}Docker plugin (docker-plugin): 1.2.1{color}
          {color:#403294}Ant Plugin (ant): 1.11{color}
          {color:#403294}SCM API Plugin (scm-api): 2.6.4{color}
          {color:#403294}JavaScript GUI Lib: jQuery bundles (jQuery and jQuery UI) plugin (jquery-detached): 1.2.1{color}
          {color:#403294}Badge (badge): 1.8{color}
          {color:#403294}Pipeline: Multibranch (workflow-multibranch): 2.22{color}
          {color:#403294}Docker Commons Plugin (docker-commons): 1.17{color}
          {color:#403294}Git plugin (git): 4.5.0{color}
          {color:#403294}Variant Plugin (variant): 1.3{color}
          {color:#403294}JavaScript GUI Lib: Moment.js bundle plugin (momentjs): 1.1.1{color}
          {color:#403294}Node and Label parameter plugin (nodelabelparameter): 1.7.2{color}
          {color:#403294}ECharts API Plugin (echarts-api): 4.9.0-2{color}
          {color:#403294}PAM Authentication plugin (pam-auth): 1.6{color}
          {color:#403294}Email Extension Plugin (email-ext): 2.80{color}
          {color:#403294}LDAP Plugin (ldap): 1.26{color}
          {color:#403294}description setter plugin (description-setter): 1.10{color}
          {color:#403294}Gerrit Verify Status Reporter Plugin (gerrit-verify-status-reporter): 0.0.3{color}
          {color:#403294}Gradle Plugin (gradle): 1.36{color}
          {color:#403294}MapDB API Plugin (mapdb-api): 1.0.9.0{color}
          {color:#403294}External Monitor Job Type Plugin (external-monitor-job): 1.7{color}
          {color:#403294}Kubernetes plugin (kubernetes): 1.28.4{color}
          {color:#403294}GitHub API Plugin (github-api): 1.117{color}
          {color:#403294}Pipeline: Nodes and Processes (workflow-durable-task-step): 2.37{color}
          {color:#403294}Infrastructure plugin for Publish Over X (publish-over): 0.22{color}
          {color:#403294}Pipeline: GitHub Groovy Libraries (pipeline-github-lib): 1.0{color}
          {color:#403294}jQuery plugin (jquery): 1.12.4-1{color}
          {color:#403294}Pipeline: Stage View Plugin (pipeline-stage-view): 2.19{color}
          {color:#403294}Plain Credentials Plugin (plain-credentials): 1.7{color}
          {color:#403294}Log CLI Plugin (log-cli): 60.b1ee6375b940{color}
          {color:#403294}Authentication Tokens API Plugin (authentication-tokens): 1.4{color}
          {color:#403294}Credentials Binding Plugin (credentials-binding): 1.24{color}
          {color:#403294}Scriptler (scriptler): 3.1{color}
          {color:#403294}Docker Pipeline (docker-workflow): 1.25{color}
          {color:#403294}Dashboard View (dashboard-view): 2.14{color}
          {color:#403294}Slack Notification Plugin (slack): 2.45{color}
          {color:#403294}Durable Task Plugin (durable-task): 1.35{color}
          {color:#403294}Popper.js API Plugin (popper-api): 1.16.0-7{color}
          {color:#403294}Pipeline: Declarative (pipeline-model-definition): 1.7.2{color}
          {color:#403294}SSH Credentials Plugin (ssh-credentials): 1.18.1{color}
          {color:#403294}Git client plugin (git-client): 3.5.1{color}
          {color:#403294}Safe Restart Plugin (saferestart): 0.3{color}
          {color:#403294}SSH Agent Plugin (ssh-agent): 1.20{color}
          {color:#403294}Git Parameter Plug-In (git-parameter): 0.9.13{color}
          {color:#403294}OAuth Credentials plugin (oauth-credentials): 0.4{color}
          {color:#403294}Kubernetes Credentials Plugin (kubernetes-credentials): 0.7.0{color}
          {color:#403294}Timestamper (timestamper): 1.11.8{color}
          {color:#403294}Job Configuration History Plugin (jobConfigHistory): 2.26{color}
          {color:#403294}OpsGenie Plugin (opsgenie): 1.9{color}
          {color:#403294}Exclusive Execution Plugin (exclusive-execution): 0.8{color}
          {color:#403294}Pipeline: Job (workflow-job): 2.40{color}
          {color:#403294}JUnit Plugin (junit): 1.47{color}
          {color:#403294}Post build task (postbuild-task): 1.9{color}
          {color:#403294}Trilead API Plugin (trilead-api): 1.0.13{color}
          {color:#403294}Multiple SCMs plugin (multiple-scms): 0.6{color}
          {color:#403294}AnsiColor (ansicolor): 0.7.3{color}
          {color:#403294}Credentials Plugin (credentials): 2.3.14{color}
          {color:#403294}ClearCase Plug-in (clearcase): 1.6.3{color}
          {color:#403294}Project Build Times (project-build-times): 1.2.1{color}
          {color:#403294}Zentimestamp plugin (zentimestamp): 4.2{color}
          {color:#403294}Message Injector Plugin (msginject): 0.1.1{color}
          {color:#403294}Pipeline: Basic Steps (workflow-basic-steps): 2.23{color}
          {color:#403294}SSH Build Agents plugin (ssh-slaves): 1.31.4{color}
          {color:#403294}Command Agent Launcher Plugin (command-launcher): 1.5{color}
          {color:#403294}Console Log To Workspace (console-log-to-workspace): 1.2-SNAPSHOT (private-03/18/2020 17:06-root){color}
          {color:#403294}Jackson 2 API Plugin (jackson2-api): 2.12.0{color}
          {color:#403294}Kubernetes Client API Plugin (kubernetes-client-api): 4.11.1{color}
          {color:#403294}Pipeline: Input Step (pipeline-input-step): 2.12{color}
          {color:#403294}Pipeline: Supporting APIs (workflow-support): 3.7{color}
          {color:#403294}Pipeline: Stage Tags Metadata (pipeline-stage-tags-metadata): 1.7.2{color}
          {color:#403294}OkHttp Plugin (okhttp-api): 3.14.9{color}
          {color:#403294}OWASP Markup Formatter Plugin (antisamy-markup-formatter): 2.1{color}
          {color:#403294}Pipeline: Shared Groovy Libraries (workflow-cps-global-lib): 2.17{color}
          {color:#403294}Pipeline: REST API Plugin (pipeline-rest-api): 2.19{color}
          {color:#403294}Pipeline: API (workflow-api): 2.40{color}
          {color:#403294}Token Macro Plugin (token-macro): 2.12{color}
          {color:#403294}Active Choices Plug-in (uno-choice): 2.5.1{color}
          {color:#403294}Oracle Java SE Development Kit Installer Plugin (jdk-tool): 1.4{color}
          {color:#403294}Plugin Utilities API Plugin (plugin-util-api): 1.6.0{color}
          {color:#403294}SonarQube Scanner for Jenkins (sonar): 2.13{color}
          {color:#403294}Mailer Plugin (mailer): 1.32.1{color}
          {color:#403294}Mask Passwords Plugin (mask-passwords): 2.13{color}
          {color:#403294}Pipeline: Build Step (pipeline-build-step): 2.13{color}
          {color:#403294}Checks API plugin (checks-api): 1.1.1{color}
          {color:#403294}Perforce Plugin (perforce): 1.3.36{color}
          {color:#403294}Branch API Plugin (branch-api): 2.6.2{color}
          {color:#403294}Job Log Logger Plugin (job-log-logger-plugin): 1.0{color}
          {color:#403294}JaCoCo plugin (jacoco): 3.1.0{color}
          {color:#403294}Resource Disposer Plugin (resource-disposer): 0.14{color}
          {color:#403294}P4 Plugin (p4): 1.11.1{color}
          {color:#403294}Snakeyaml API Plugin (snakeyaml-api): 1.27.0{color}
          {color:#403294}Groovy Postbuild (groovy-postbuild): 2.5{color}
          {color:#403294}Pipeline: Stage Step (pipeline-stage-step): 2.5{color}
          {color:#403294}Pipeline: Declarative Agent API (pipeline-model-declarative-agent): 1.1.1{color}
          {color:#403294}Gerrit Code Review plugin (gerrit-code-review): 0.4.4{color}
          {color:#403294}Subversion Plug-in (subversion): 2.13.2{color}
          {color:#403294}Log Command Plugin (log-command): 1.0.2{color}
          {color:#403294}Kubernetes CLI Plugin (kubernetes-cli): 1.9.0{color}
          {color:#403294}JDK Parameter Plugin (JDK_Parameter_Plugin): 1.0{color}
          {color:#403294}GIT server Plugin (git-server): 1.9{color}
          {color:#403294}Pipeline Graph Analysis Plugin (pipeline-graph-analysis): 1.10{color}
          {color:#403294}Log Parser Plugin (log-parser): 2.1{color}
          {color:#403294}Authorize Project (authorize-project): 1.3.0{color}
          {color:#403294}bouncycastle API Plugin (bouncycastle-api): 2.18{color}
          {color:#403294}Matrix Authorization Strategy Plugin (matrix-auth): 2.6.4{color}
          {color:#403294}Docker API Plugin (docker-java-api): 3.1.5.2{color}
          {color:#403294}Crowd 2 Integration (crowd2): 2.0.2{color}
          {color:#403294}Metrics Plugin (metrics): 4.0.2.6{color}
          {color:#403294}JavaScript GUI Lib: Handlebars bundle plugin (handlebars): 1.1.1{color}
          {color:#403294}Logging Plugin (logging): 1.0.0{color}
          {color:#403294}Pipeline (workflow-aggregator): 2.6{color}
          {color:#403294}GitHub Branch Source Plugin (github-branch-source): 2.9.2{color}
          {color:#403294}Font Awesome API Plugin (font-awesome-api): 5.15.1-1{color}
          {color:#403294}Pipeline: Declarative Extension Points API (pipeline-model-extensions): 1.7.2{color}
          {color:#403294}build-metrics (build-metrics): 1.3{color}
          {color:#403294}WMI Windows Agents Plugin (windows-slaves): 1.7{color}
          {color:#403294}Pipeline: SCM Step (workflow-scm-step): 2.11{color}
          {color:#403294}Hudson global-build-stats plugin (global-build-stats): 1.5{color}
          {color:#403294}Bootstrap 4 API Plugin (bootstrap4-api): 4.5.3-1{color}
          {color:#403294}Javadoc Plugin (javadoc): 1.6{color}
          {color:#403294}Matrix Project Plugin (matrix-project): 1.18{color}
          {color:#403294}Green Balls (greenballs): 1.15.1{color}

          +{color:#172b4d}*Upgraded plugins (Witht these plugins - Manage Jenkins --> Configure Systems - Apply and Save not working):-*{color}+

          {color:#de350b}Pipeline: Stage Step (pipeline-stage-step): 2.5
          Kubernetes plugin (kubernetes): 1.29.0
          Docker Pipeline (docker-workflow): 1.25
          Active Choices Plug-in (uno-choice): 2.5.2
          Credentials Plugin (credentials): 2.3.15
          Plain Credentials Plugin (plain-credentials): 1.7
          Plugin Utilities API Plugin (plugin-util-api): 1.7.1
          Pipeline: Nodes and Processes (workflow-durable-task-step): 2.37
          OpsGenie Plugin (opsgenie): 1.9
          Javadoc Plugin (javadoc): 1.6
          Authentication Tokens API Plugin (authentication-tokens): 1.4
          Java JSON Web Token (JJWT) Plugin (jjwt-api): 0.11.2-9.c8b45b8bb173
          Matrix Project Plugin (matrix-project): 1.18
          Kubernetes CLI Plugin (kubernetes-cli): 1.10.0
          Crowd 2 Integration (crowd2): 2.0.2
          Pipeline: Declarative Extension Points API (pipeline-model-extensions): 1.8.4
          JaCoCo plugin (jacoco): 3.1.1
          Perforce Plugin (perforce): 1.3.36
          External Monitor Job Type Plugin (external-monitor-job): 1.7
          Analysis Model API Plugin (analysis-model-api): 9.8.0
          Display URL API (display-url-api): 2.3.4
          Log Command Plugin (log-command): 1.0.2
          Mailer Plugin (mailer): 1.32.1
          JQuery3 API Plugin (jquery3-api): 3.5.1-2
          Pipeline: SCM Step (workflow-scm-step): 2.12
          Mask Passwords Plugin (mask-passwords): 2.13
          Project Build Times (project-build-times): 1.2.1
          Strict Crumb Issuer Plugin (strict-crumb-issuer): 2.1.0
          jQuery plugin (jquery): 1.12.4-1
          build-metrics (build-metrics): 1.3
          Pipeline Graph Analysis Plugin (pipeline-graph-analysis): 1.10
          Gerrit Trigger (gerrit-trigger): 2.32.0
          GitHub plugin (github): 1.33.1
          Durable Task Plugin (durable-task): 1.35
          Credentials Binding Plugin (credentials-binding): 1.24
          Pipeline: Basic Steps (workflow-basic-steps): 2.23
          Pipeline: Input Step (pipeline-input-step): 2.12
          ClearCase Plug-in (clearcase): 1.6.6
          Pipeline: Declarative (pipeline-model-definition): 1.8.4
          JavaScript GUI Lib: Moment.js bundle plugin (momentjs): 1.1.1
          Exclusive Execution Plugin (exclusive-execution): 0.8
          Log Parser Plugin (log-parser): 2.1
          Rebuilder (rebuild): 1.31
          ECharts API Plugin (echarts-api): 4.9.0-3
          SSH Agent Plugin (ssh-agent): 1.21
          Pipeline: REST API Plugin (pipeline-rest-api): 2.19
          Subversion Plug-in (subversion): 2.14.0
          Pipeline: Stage Tags Metadata (pipeline-stage-tags-metadata): 1.8.4
          JavaScript GUI Lib: Handlebars bundle plugin (handlebars): 1.1.1
          description setter plugin (description-setter): 1.10
          JavaScript GUI Lib: ACE Editor bundle plugin (ace-editor): 1.1
          Trilead API Plugin (trilead-api): 1.0.13
          Publish Over SSH (publish-over-ssh): 1.22
          MapDB API Plugin (mapdb-api): 1.0.9.0
          SCM API Plugin (scm-api): 2.6.4
          Metrics Plugin (metrics): 4.0.2.7
          Warnings Next Generation Plugin (warnings-ng): 8.9.1
          Hudson global-build-stats plugin (global-build-stats): 1.5
          Console Log To Workspace (console-log-to-workspace): 1.2-SNAPSHOT (private-03/18/2020 17:06-root)
          Extended Read Permission Plugin (extended-read-permission): 3.2
          Authorize Project (authorize-project): 1.3.0
          OWASP Markup Formatter Plugin (antisamy-markup-formatter): 2.1
          OAuth Credentials plugin (oauth-credentials): 0.4
          Lockable Resources plugin (lockable-resources): 2.10
          Node and Label parameter plugin (nodelabelparameter): 1.7.2
          Dashboard View (dashboard-view): 2.14
          Green Balls (greenballs): 1.15.1
          Snakeyaml API Plugin (snakeyaml-api): 1.27.0
          Font Awesome API Plugin (font-awesome-api): 5.15.2-1
          Log CLI Plugin (log-cli): 86.206c385fabcd
          Groovy Postbuild (groovy-postbuild): 2.5
          SSH Credentials Plugin (ssh-credentials): 1.18.1
          Slack Notification Plugin (slack): 2.45
          Pipeline: Supporting APIs (workflow-support): 3.7
          Scriptler (scriptler): 3.1
          CloudBees Disk Usage Simple Plugin (cloudbees-disk-usage-simple): 0.10
          Timestamper (timestamper): 1.11.8
          Build Timeout (build-timeout): 1.20
          SSH Build Agents plugin (ssh-slaves): 1.31.5
          JSch dependency plugin (jsch): 0.1.55.2
          Command Agent Launcher Plugin (command-launcher): 1.5
          Script Security Plugin (script-security): 1.76
          Job Log Logger Plugin (job-log-logger-plugin): 1.0
          OkHttp Plugin (okhttp-api): 3.14.9
          WMI Windows Agents Plugin (windows-slaves): 1.7
          Pipeline: Job (workflow-job): 2.40
          LDAP Plugin (ldap): 1.26
          Google OAuth Credentials plugin (google-oauth-plugin): 1.0.3
          Badge (badge): 1.8
          DataTables.net API Plugin (data-tables-api): 1.10.23-2
          Oracle Java SE Development Kit Installer Plugin (jdk-tool): 1.5
          Zentimestamp plugin (zentimestamp): 4.2
          Safe Restart Plugin (saferestart): 0.3
          GIT server Plugin (git-server): 1.9
          JavaScript GUI Lib: jQuery bundles (jQuery and jQuery UI) plugin (jquery-detached): 1.2.1
          PAM Authentication plugin (pam-auth): 1.6
          AnsiColor (ansicolor): 0.7.5
          Workspace Cleanup Plugin (ws-cleanup): 0.38
          SonarQube Scanner for Jenkins (sonar): 2.13
          Popper.js API Plugin (popper-api): 1.16.1-1
          Resource Disposer Plugin (resource-disposer): 0.14
          Pipeline: Build Step (pipeline-build-step): 2.13
          Checks API plugin (checks-api): 1.5.0
          Kubernetes Credentials Plugin (kubernetes-credentials): 0.8.0
          Pipeline: Stage View Plugin (pipeline-stage-view): 2.19
          Job/Queue/Slaves Monitoring Plugin (jqs-monitoring): 1.4
          Structs Plugin (structs): 1.22
          Matrix Authorization Strategy Plugin (matrix-auth): 2.6.5
          Git Parameter Plug-In (git-parameter): 0.9.13
          Gerrit Code Review plugin (gerrit-code-review): 0.4.4
          bouncycastle API Plugin (bouncycastle-api): 2.18
          Gerrit Verify Status Reporter Plugin (gerrit-verify-status-reporter): 0.0.3
          Git plugin (git): 4.6.0
          Variant Plugin (variant): 1.4
          Pipeline: Milestone Step (pipeline-milestone-step): 1.3.2
          Kubernetes Client API Plugin (kubernetes-client-api): 4.13.2-1
          Docker plugin (docker-plugin): 1.2.2
          Post build task (postbuild-task): 1.9
          Infrastructure plugin for Publish Over X (publish-over): 0.22
          Git client plugin (git-client): 3.6.0
          Pipeline: Shared Groovy Libraries (workflow-cps-global-lib): 2.18
          Token Macro Plugin (token-macro): 2.13
          Branch API Plugin (branch-api): 2.6.2
          GitHub Branch Source Plugin (github-branch-source): 2.9.6
          Pipeline: Model API (pipeline-model-api): 1.8.4
          Pipeline: API (workflow-api): 2.41
          Docker API Plugin (docker-java-api): 3.1.5.2
          Jackson 2 API Plugin (jackson2-api): 2.12.1
          Apache HttpComponents Client 4.x API Plugin (apache-httpcomponents-client-4-api): 4.5.13-1.0
          Message Injector Plugin (msginject): 0.1.1
          Folders Plugin (cloudbees-folder): 6.15
          Git Forensics Plugin (git-forensics): 0.9.2
          Job Configuration History Plugin (jobConfigHistory): 2.26
          Pipeline: GitHub Groovy Libraries (pipeline-github-lib): 1.0
          Pipeline: Groovy (workflow-cps): 2.89
          JDK Parameter Plugin (JDK_Parameter_Plugin): 1.0
          Email Extension Plugin (email-ext): 2.81
          JUnit Plugin (junit): 1.48
          Pipeline: Step API (workflow-step-api): 2.23
          Pipeline: Multibranch (workflow-multibranch): 2.22
          P4 Plugin (p4): 1.11.2
          Bootstrap 4 API Plugin (bootstrap4-api): 4.6.0-1
          Gradle Plugin (gradle): 1.36
          Pipeline (workflow-aggregator): 2.6
          Logging Plugin (logging): 1.0.0
          Docker Commons Plugin (docker-commons): 1.17
          Build Timestamp Plugin (build-timestamp): 1.0.3
          Ant Plugin (ant): 1.11
          Forensics API Plugin (forensics-api): 0.10.1
          GitHub API Plugin (github-api): 1.122{color}

          {color:#172b4d}It looks some compatibility issue with the latest Jenkins plugins.{color}

           
           Under {{Manage Jenkins}} --> {{Configure Systems}} section, if i click *apply* or *{{save}}* button it shows below error on browser. I cannot *{{Apply}}* (Or) *{{Save}}* any configuration due to below errors.
          {quote}{color:#ff0000}HTTP Status 403 – Forbidden{color}

          {color:#ff0000}Type Status Report{color}

          {color:#ff0000}Message No valid crumb was included in the request{color}

          {color:#ff0000}Description The server understood the request but refuses to authorize it. Apache Tomcat/9.0.30{color}
          {quote}
           

           My plugin listed below.
          {code:java}
          Active Choices Plug-in (uno-choice): 2.5.1
          AnsiColor (ansicolor): 0.7.3
          Ant Plugin (ant): 1.11
          Apache HttpComponents Client 4.x API Plugin (apache-httpcomponents-client-4-api): 4.5.10-2.0
          Authentication Tokens API Plugin (authentication-tokens): 1.4
          Authorize Project (authorize-project): 1.3.0
          Badge (badge): 1.8
          Bootstrap 4 API Plugin (bootstrap4-api): 4.5.3-1
          bouncycastle API Plugin (bouncycastle-api): 2.18
          Branch API Plugin (branch-api): 2.6.2
          Build Timeout (build-timeout): 1.20
          Build Timestamp Plugin (build-timestamp): 1.0.3
          build-metrics (build-metrics): 1.3
          Checks API plugin (checks-api): 1.1.1
          ClearCase Plug-in (clearcase): 1.6.3
          Command Agent Launcher Plugin (command-launcher): 1.5
          Console Log To Workspace (console-log-to-workspace): 1.2-SNAPSHOT (private-03/18/2020 17:06-root)
          Credentials Binding Plugin (credentials-binding): 1.24
          Credentials Plugin (credentials): 2.3.14
          Crowd 2 Integration (crowd2): 2.0.2
          Dashboard View (dashboard-view): 2.14
          description setter plugin (description-setter): 1.10
          Display URL API (display-url-api): 2.3.4
          Docker API Plugin (docker-java-api): 3.1.5.2
          Docker Commons Plugin (docker-commons): 1.17
          Docker Pipeline (docker-workflow): 1.25
          Docker plugin (docker-plugin): 1.2.1
          Durable Task Plugin (durable-task): 1.35
          ECharts API Plugin (echarts-api): 4.9.0-2
          Email Extension Plugin (email-ext): 2.80
          Exclusive Execution Plugin (exclusive-execution): 0.8
          External Monitor Job Type Plugin (external-monitor-job): 1.7
          Folders Plugin (cloudbees-folder): 6.15
          Font Awesome API Plugin (font-awesome-api): 5.15.1-1
          Gerrit Code Review plugin (gerrit-code-review): 0.4.4
          Gerrit Trigger (gerrit-trigger): 2.32.0
          Gerrit Verify Status Reporter Plugin (gerrit-verify-status-reporter): 0.0.3
          Git client plugin (git-client): 3.5.1
          Git Parameter Plug-In (git-parameter): 0.9.13
          Git plugin (git): 4.5.0
          GIT server Plugin (git-server): 1.9
          GitHub API Plugin (github-api): 1.117
          GitHub Branch Source Plugin (github-branch-source): 2.9.2
          GitHub plugin (github): 1.32.0
          Google OAuth Credentials plugin (google-oauth-plugin): 1.0.2
          Gradle Plugin (gradle): 1.36
          Green Balls (greenballs): 1.15.1
          Groovy Postbuild (groovy-postbuild): 2.5
          Hudson global-build-stats plugin (global-build-stats): 1.5
          Infrastructure plugin for Publish Over X (publish-over): 0.22
          Jackson 2 API Plugin (jackson2-api): 2.12.0
          JaCoCo plugin (jacoco): 3.1.0
          Javadoc Plugin (javadoc): 1.6
          JavaScript GUI Lib: ACE Editor bundle plugin (ace-editor): 1.1
          JavaScript GUI Lib: Handlebars bundle plugin (handlebars): 1.1.1
          JavaScript GUI Lib: jQuery bundles (jQuery and jQuery UI) plugin (jquery-detached): 1.2.1
          JavaScript GUI Lib: Moment.js bundle plugin (momentjs): 1.1.1
          JDK Parameter Plugin (JDK_Parameter_Plugin): 1.0
          Job Configuration History Plugin (jobConfigHistory): 2.26
          Job Log Logger Plugin (job-log-logger-plugin): 1.0
          Job/Queue/Slaves Monitoring Plugin (jqs-monitoring): 1.4
          jQuery plugin (jquery): 1.12.4-1
          JQuery3 API Plugin (jquery3-api): 3.5.1-2
          JSch dependency plugin (jsch): 0.1.55.2
          JUnit Plugin (junit): 1.47
          Kubernetes CLI Plugin (kubernetes-cli): 1.9.0
          Kubernetes Client API Plugin (kubernetes-client-api): 4.11.1
          Kubernetes Credentials Plugin (kubernetes-credentials): 0.7.0
          Kubernetes plugin (kubernetes): 1.28.4
          LDAP Plugin (ldap): 1.26
          Lockable Resources plugin (lockable-resources): 2.10
          Log CLI Plugin (log-cli): 60.b1ee6375b940
          Log Command Plugin (log-command): 1.0.2
          Log Parser Plugin (log-parser): 2.1
          Logging Plugin (logging): 1.0.0
          Mailer Plugin (mailer): 1.32.1
          MapDB API Plugin (mapdb-api): 1.0.9.0
          Mask Passwords Plugin (mask-passwords): 2.13
          Matrix Authorization Strategy Plugin (matrix-auth): 2.6.4
          Matrix Project Plugin (matrix-project): 1.18
          Message Injector Plugin (msginject): 0.1.1
          Metrics Plugin (metrics): 4.0.2.6
          Multiple SCMs plugin (multiple-scms): 0.6
          Node and Label parameter plugin (nodelabelparameter): 1.7.2
          OAuth Credentials plugin (oauth-credentials): 0.4
          OkHttp Plugin (okhttp-api): 3.14.9
          OpsGenie Plugin (opsgenie): 1.9
          Oracle Java SE Development Kit Installer Plugin (jdk-tool): 1.4
          OWASP Markup Formatter Plugin (antisamy-markup-formatter): 2.1
          P4 Plugin (p4): 1.11.1
          PAM Authentication plugin (pam-auth): 1.6
          Perforce Plugin (perforce): 1.3.36
          Pipeline (workflow-aggregator): 2.6
          Pipeline Graph Analysis Plugin (pipeline-graph-analysis): 1.10
          Pipeline: API (workflow-api): 2.40
          Pipeline: Basic Steps (workflow-basic-steps): 2.23
          Pipeline: Build Step (pipeline-build-step): 2.13
          Pipeline: Declarative (pipeline-model-definition): 1.7.2
          Pipeline: Declarative Agent API (pipeline-model-declarative-agent): 1.1.1
          Pipeline: Declarative Extension Points API (pipeline-model-extensions): 1.7.2
          Pipeline: GitHub Groovy Libraries (pipeline-github-lib): 1.0
          Pipeline: Groovy (workflow-cps): 2.87
          Pipeline: Input Step (pipeline-input-step): 2.12
          Pipeline: Job (workflow-job): 2.40
          Pipeline: Milestone Step (pipeline-milestone-step): 1.3.1
          Pipeline: Model API (pipeline-model-api): 1.7.2
          Pipeline: Multibranch (workflow-multibranch): 2.22
          Pipeline: Nodes and Processes (workflow-durable-task-step): 2.37
          Pipeline: REST API Plugin (pipeline-rest-api): 2.19
          Pipeline: SCM Step (workflow-scm-step): 2.11
          Pipeline: Shared Groovy Libraries (workflow-cps-global-lib): 2.17
          Pipeline: Stage Step (pipeline-stage-step): 2.5
          Pipeline: Stage Tags Metadata (pipeline-stage-tags-metadata): 1.7.2
          Pipeline: Stage View Plugin (pipeline-stage-view): 2.19
          Pipeline: Step API (workflow-step-api): 2.23
          Pipeline: Supporting APIs (workflow-support): 3.7
          Plain Credentials Plugin (plain-credentials): 1.7
          Plugin Utilities API Plugin (plugin-util-api): 1.6.0
          Popper.js API Plugin (popper-api): 1.16.0-7
          Post build task (postbuild-task): 1.9
          Project Build Times (project-build-times): 1.2.1
          Publish Over SSH (publish-over-ssh): 1.22
          Rebuilder (rebuild): 1.31
          Resource Disposer Plugin (resource-disposer): 0.14
          Safe Restart Plugin (saferestart): 0.3
          SCM API Plugin (scm-api): 2.6.4
          Script Security Plugin (script-security): 1.75
          Scriptler (scriptler): 3.1
          Slack Notification Plugin (slack): 2.45
          Snakeyaml API Plugin (snakeyaml-api): 1.27.0
          SonarQube Scanner for Jenkins (sonar): 2.13
          SSH Agent Plugin (ssh-agent): 1.20
          SSH Build Agents plugin (ssh-slaves): 1.31.4
          SSH Credentials Plugin (ssh-credentials): 1.18.1
          Structs Plugin (structs): 1.20
          Subversion Plug-in (subversion): 2.13.2
          Timestamper (timestamper): 1.11.8
          Token Macro Plugin (token-macro): 2.12
          Trilead API Plugin (trilead-api): 1.0.13
          Variant Plugin (variant): 1.3
          WMI Windows Agents Plugin (windows-slaves): 1.7
          Workspace Cleanup Plugin (ws-cleanup): 0.38
          Zentimestamp plugin (zentimestamp): 4.2{code}
           
          smohan08 Mohan made changes -
          Summary With latest version of plugins Configure Systems - Apply and Save not working Configure Systems - Apply and Save not working
          smohan08 Mohan made changes -
          Comment [ Same problem persists even in *Jenkins 2.263.4* version . Also have tried with *openjdk version "1.8.0_282"* as well. ]
          Hide
          smohan08 Mohan added a comment -

          Same problem even in Jenkins 2.263.4, apache-tomcat-9.0.43 and openjdk version "1.8.0_282 as well.

          Show
          smohan08 Mohan added a comment - Same problem even in Jenkins 2.263.4, apache-tomcat-9.0.43 and openjdk version "1.8.0_282 as well.
          Hide
          smohan08 Mohan added a comment - - edited

          Solution tried :-

          1) Under Configure Global security --> CSRF Protection -->Enable proxy compatibility( Tick marked Enabled). - Didn't work so disabled with below command.
          2) hudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION = true - Even after this also didn't work.
          3) Installed the Strict Crumb Issuer plugin. Enabled this plugin and uncheck Check the session ID from its configuration (Under Jenkins Configure Global Security). 
          4) Restated the Jenkins.
          

          01-Mar-2021 08:12:10.604 WARNING [Handling POST /jenkins/configSubmit from 45.46.58.59 : http-nio-8080-exec-2] hudson.security.csrf.CrumbFilter.doFilter No valid crumb was included in request for /jenkins/configSubmit by sumit.mital. Returning 403.
          

          Still same problem persists.

          Show
          smohan08 Mohan added a comment - - edited Solution tried :- 1) Under Configure Global security --> CSRF Protection -->Enable proxy compatibility( Tick marked Enabled). - Didn't work so disabled with below command. 2) hudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION = true - Even after this also didn't work. 3) Installed the Strict Crumb Issuer plugin. Enabled this plugin and uncheck Check the session ID from its configuration (Under Jenkins Configure Global Security). 4) Restated the Jenkins. 01-Mar-2021 08:12:10.604 WARNING [Handling POST /jenkins/configSubmit from 45.46.58.59 : http-nio-8080-exec-2] hudson.security.csrf.CrumbFilter.doFilter No valid crumb was included in request for /jenkins/configSubmit by sumit.mital. Returning 403. Still same problem persists.
          smohan08 Mohan made changes -
          Attachment 1.png [ 54073 ]
          Hide
          smohan08 Mohan added a comment - - edited

          Jenkins > Manage Jenkins > Configure Global Security > CSRF Protection - Default Crumb Issuer tried by ticked and Un-ticked the Enable Proxy Compatibility.  But no success. still getting same error.

          Show
          smohan08 Mohan added a comment - - edited Jenkins > Manage Jenkins > Configure Global Security > CSRF Protection - Default Crumb Issuer tried by ticked and Un-ticked the Enable Proxy Compatibility .  But no success. still getting same error.
          smohan08 Mohan made changes -
          Description  Under {{Manage Jenkins}} --> {{Configure Systems}} section, if i click *apply* or *{{save}}* button it shows below error on browser. I cannot *{{Apply}}* (Or) *{{Save}}* any configuration due to below errors.
          {quote}{color:#ff0000}HTTP Status 403 – Forbidden{color}

          {color:#ff0000}Type Status Report{color}

          {color:#ff0000}Message No valid crumb was included in the request{color}

          {color:#ff0000}Description The server understood the request but refuses to authorize it. Apache Tomcat/9.0.30{color}
          {quote}
           

           My plugin listed below.
          {code:java}
          Active Choices Plug-in (uno-choice): 2.5.1
          AnsiColor (ansicolor): 0.7.3
          Ant Plugin (ant): 1.11
          Apache HttpComponents Client 4.x API Plugin (apache-httpcomponents-client-4-api): 4.5.10-2.0
          Authentication Tokens API Plugin (authentication-tokens): 1.4
          Authorize Project (authorize-project): 1.3.0
          Badge (badge): 1.8
          Bootstrap 4 API Plugin (bootstrap4-api): 4.5.3-1
          bouncycastle API Plugin (bouncycastle-api): 2.18
          Branch API Plugin (branch-api): 2.6.2
          Build Timeout (build-timeout): 1.20
          Build Timestamp Plugin (build-timestamp): 1.0.3
          build-metrics (build-metrics): 1.3
          Checks API plugin (checks-api): 1.1.1
          ClearCase Plug-in (clearcase): 1.6.3
          Command Agent Launcher Plugin (command-launcher): 1.5
          Console Log To Workspace (console-log-to-workspace): 1.2-SNAPSHOT (private-03/18/2020 17:06-root)
          Credentials Binding Plugin (credentials-binding): 1.24
          Credentials Plugin (credentials): 2.3.14
          Crowd 2 Integration (crowd2): 2.0.2
          Dashboard View (dashboard-view): 2.14
          description setter plugin (description-setter): 1.10
          Display URL API (display-url-api): 2.3.4
          Docker API Plugin (docker-java-api): 3.1.5.2
          Docker Commons Plugin (docker-commons): 1.17
          Docker Pipeline (docker-workflow): 1.25
          Docker plugin (docker-plugin): 1.2.1
          Durable Task Plugin (durable-task): 1.35
          ECharts API Plugin (echarts-api): 4.9.0-2
          Email Extension Plugin (email-ext): 2.80
          Exclusive Execution Plugin (exclusive-execution): 0.8
          External Monitor Job Type Plugin (external-monitor-job): 1.7
          Folders Plugin (cloudbees-folder): 6.15
          Font Awesome API Plugin (font-awesome-api): 5.15.1-1
          Gerrit Code Review plugin (gerrit-code-review): 0.4.4
          Gerrit Trigger (gerrit-trigger): 2.32.0
          Gerrit Verify Status Reporter Plugin (gerrit-verify-status-reporter): 0.0.3
          Git client plugin (git-client): 3.5.1
          Git Parameter Plug-In (git-parameter): 0.9.13
          Git plugin (git): 4.5.0
          GIT server Plugin (git-server): 1.9
          GitHub API Plugin (github-api): 1.117
          GitHub Branch Source Plugin (github-branch-source): 2.9.2
          GitHub plugin (github): 1.32.0
          Google OAuth Credentials plugin (google-oauth-plugin): 1.0.2
          Gradle Plugin (gradle): 1.36
          Green Balls (greenballs): 1.15.1
          Groovy Postbuild (groovy-postbuild): 2.5
          Hudson global-build-stats plugin (global-build-stats): 1.5
          Infrastructure plugin for Publish Over X (publish-over): 0.22
          Jackson 2 API Plugin (jackson2-api): 2.12.0
          JaCoCo plugin (jacoco): 3.1.0
          Javadoc Plugin (javadoc): 1.6
          JavaScript GUI Lib: ACE Editor bundle plugin (ace-editor): 1.1
          JavaScript GUI Lib: Handlebars bundle plugin (handlebars): 1.1.1
          JavaScript GUI Lib: jQuery bundles (jQuery and jQuery UI) plugin (jquery-detached): 1.2.1
          JavaScript GUI Lib: Moment.js bundle plugin (momentjs): 1.1.1
          JDK Parameter Plugin (JDK_Parameter_Plugin): 1.0
          Job Configuration History Plugin (jobConfigHistory): 2.26
          Job Log Logger Plugin (job-log-logger-plugin): 1.0
          Job/Queue/Slaves Monitoring Plugin (jqs-monitoring): 1.4
          jQuery plugin (jquery): 1.12.4-1
          JQuery3 API Plugin (jquery3-api): 3.5.1-2
          JSch dependency plugin (jsch): 0.1.55.2
          JUnit Plugin (junit): 1.47
          Kubernetes CLI Plugin (kubernetes-cli): 1.9.0
          Kubernetes Client API Plugin (kubernetes-client-api): 4.11.1
          Kubernetes Credentials Plugin (kubernetes-credentials): 0.7.0
          Kubernetes plugin (kubernetes): 1.28.4
          LDAP Plugin (ldap): 1.26
          Lockable Resources plugin (lockable-resources): 2.10
          Log CLI Plugin (log-cli): 60.b1ee6375b940
          Log Command Plugin (log-command): 1.0.2
          Log Parser Plugin (log-parser): 2.1
          Logging Plugin (logging): 1.0.0
          Mailer Plugin (mailer): 1.32.1
          MapDB API Plugin (mapdb-api): 1.0.9.0
          Mask Passwords Plugin (mask-passwords): 2.13
          Matrix Authorization Strategy Plugin (matrix-auth): 2.6.4
          Matrix Project Plugin (matrix-project): 1.18
          Message Injector Plugin (msginject): 0.1.1
          Metrics Plugin (metrics): 4.0.2.6
          Multiple SCMs plugin (multiple-scms): 0.6
          Node and Label parameter plugin (nodelabelparameter): 1.7.2
          OAuth Credentials plugin (oauth-credentials): 0.4
          OkHttp Plugin (okhttp-api): 3.14.9
          OpsGenie Plugin (opsgenie): 1.9
          Oracle Java SE Development Kit Installer Plugin (jdk-tool): 1.4
          OWASP Markup Formatter Plugin (antisamy-markup-formatter): 2.1
          P4 Plugin (p4): 1.11.1
          PAM Authentication plugin (pam-auth): 1.6
          Perforce Plugin (perforce): 1.3.36
          Pipeline (workflow-aggregator): 2.6
          Pipeline Graph Analysis Plugin (pipeline-graph-analysis): 1.10
          Pipeline: API (workflow-api): 2.40
          Pipeline: Basic Steps (workflow-basic-steps): 2.23
          Pipeline: Build Step (pipeline-build-step): 2.13
          Pipeline: Declarative (pipeline-model-definition): 1.7.2
          Pipeline: Declarative Agent API (pipeline-model-declarative-agent): 1.1.1
          Pipeline: Declarative Extension Points API (pipeline-model-extensions): 1.7.2
          Pipeline: GitHub Groovy Libraries (pipeline-github-lib): 1.0
          Pipeline: Groovy (workflow-cps): 2.87
          Pipeline: Input Step (pipeline-input-step): 2.12
          Pipeline: Job (workflow-job): 2.40
          Pipeline: Milestone Step (pipeline-milestone-step): 1.3.1
          Pipeline: Model API (pipeline-model-api): 1.7.2
          Pipeline: Multibranch (workflow-multibranch): 2.22
          Pipeline: Nodes and Processes (workflow-durable-task-step): 2.37
          Pipeline: REST API Plugin (pipeline-rest-api): 2.19
          Pipeline: SCM Step (workflow-scm-step): 2.11
          Pipeline: Shared Groovy Libraries (workflow-cps-global-lib): 2.17
          Pipeline: Stage Step (pipeline-stage-step): 2.5
          Pipeline: Stage Tags Metadata (pipeline-stage-tags-metadata): 1.7.2
          Pipeline: Stage View Plugin (pipeline-stage-view): 2.19
          Pipeline: Step API (workflow-step-api): 2.23
          Pipeline: Supporting APIs (workflow-support): 3.7
          Plain Credentials Plugin (plain-credentials): 1.7
          Plugin Utilities API Plugin (plugin-util-api): 1.6.0
          Popper.js API Plugin (popper-api): 1.16.0-7
          Post build task (postbuild-task): 1.9
          Project Build Times (project-build-times): 1.2.1
          Publish Over SSH (publish-over-ssh): 1.22
          Rebuilder (rebuild): 1.31
          Resource Disposer Plugin (resource-disposer): 0.14
          Safe Restart Plugin (saferestart): 0.3
          SCM API Plugin (scm-api): 2.6.4
          Script Security Plugin (script-security): 1.75
          Scriptler (scriptler): 3.1
          Slack Notification Plugin (slack): 2.45
          Snakeyaml API Plugin (snakeyaml-api): 1.27.0
          SonarQube Scanner for Jenkins (sonar): 2.13
          SSH Agent Plugin (ssh-agent): 1.20
          SSH Build Agents plugin (ssh-slaves): 1.31.4
          SSH Credentials Plugin (ssh-credentials): 1.18.1
          Structs Plugin (structs): 1.20
          Subversion Plug-in (subversion): 2.13.2
          Timestamper (timestamper): 1.11.8
          Token Macro Plugin (token-macro): 2.12
          Trilead API Plugin (trilead-api): 1.0.13
          Variant Plugin (variant): 1.3
          WMI Windows Agents Plugin (windows-slaves): 1.7
          Workspace Cleanup Plugin (ws-cleanup): 0.38
          Zentimestamp plugin (zentimestamp): 4.2{code}
           
           Under {{Manage Jenkins}} --> {{Configure Systems}} section, if i click *apply* or *{{save}}* button it shows below error on browser. I cannot *{{Apply}}* (Or) *{{Save}}* any configuration due to below errors.
          {quote}{color:#ff0000}HTTP Status 403 – Forbidden{color}

          {color:#ff0000}Type Status Report{color}

          {color:#ff0000}Message No valid crumb was included in the request{color}

          {color:#ff0000}Description The server understood the request but refuses to authorize it. Apache Tomcat/9.0.30{color}
          {quote}
           Do i need to add any additional configuration in my tomcat side? Please let me know.

           
          smohan08 Mohan made changes -
          Attachment 2.png [ 54074 ]
          smohan08 Mohan made changes -
          Component/s configure-job-column-plugin [ 16539 ]
          Component/s plugin-installation-manager-tool [ 25433 ]
          smohan08 Mohan made changes -
          Labels jenkins plugins configuration jenkins
          smohan08 Mohan made changes -
          Component/s other [ 15490 ]
          Component/s configure-job-column-plugin [ 16539 ]
          smohan08 Mohan made changes -
          Component/s core [ 15593 ]
          Component/s other [ 15490 ]
          smohan08 Mohan made changes -
          Description  Under {{Manage Jenkins}} --> {{Configure Systems}} section, if i click *apply* or *{{save}}* button it shows below error on browser. I cannot *{{Apply}}* (Or) *{{Save}}* any configuration due to below errors.
          {quote}{color:#ff0000}HTTP Status 403 – Forbidden{color}

          {color:#ff0000}Type Status Report{color}

          {color:#ff0000}Message No valid crumb was included in the request{color}

          {color:#ff0000}Description The server understood the request but refuses to authorize it. Apache Tomcat/9.0.30{color}
          {quote}
           Do i need to add any additional configuration in my tomcat side? Please let me know.

           
           Under {{Manage Jenkins}} --> {{Configure Systems}} section, if i click *apply* or *{{save}}* button it shows below error on browser(Firefox, Chrome). I cannot *{{Apply}}* (Or) *{{Save}}* any configuration due to below errors.
          {quote}{color:#ff0000}HTTP Status 403 – Forbidden{color}

          {color:#ff0000}Type Status Report{color}

          {color:#ff0000}Message No valid crumb was included in the request{color}

          {color:#ff0000}Description The server understood the request but refuses to authorize it. Apache Tomcat/9.0.30{color}
          {quote}
           Do i need to add any additional configuration in my tomcat side? Please let me know.

           
          Hide
          smohan08 Mohan added a comment - - edited

          Jenkins > Manage Jenkins > Configure Global Security - Apply works. But Save results same error.

          Show
          smohan08 Mohan added a comment - - edited Jenkins > Manage Jenkins > Configure Global Security - Apply works. But Save results same error.
          Hide
          smohan08 Mohan added a comment - - edited

          Even tried by addeding below in /apache-tomcat-9.0.43/conf/tomcat-users.xml file, however still same issue.

           

          <?xml version='1.0' encoding='utf-8'?>
          <tomcat-users>
              <role rolename="manager-gui"/>
              <role rolename="manager-script"/>
              <role rolename="manager-jmx"/>
              <role rolename="manager-status"/>
              <role rolename="admin-gui"/>
              <role rolename="admin-script"/>
              <user username="user" password="password" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>
          </tomcat-users>
          

           

           

          Show
          smohan08 Mohan added a comment - - edited Even tried by addeding below in /apache-tomcat-9.0.43/conf/tomcat-users.xml file, however still same issue.   <?xml version= '1.0' encoding= 'utf-8' ?> <tomcat-users>     <role rolename= "manager-gui" />     <role rolename= "manager-script" />     <role rolename= "manager-jmx" />     <role rolename= "manager-status" />     <role rolename= "admin-gui" />     <role rolename= "admin-script" />     <user username= "user" password= "password" roles= "manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script" /> </tomcat-users>    
          smohan08 Mohan made changes -
          Priority Critical [ 2 ] Blocker [ 1 ]
          smohan08 Mohan made changes -
          Labels configuration jenkins 403 configuration csrf jenkins
          smohan08 Mohan made changes -
          Labels 403 configuration csrf jenkins 403 configuration crumb csrf jenkins
          smohan08 Mohan made changes -
          Attachment 2.png [ 54074 ]
          smohan08 Mohan made changes -
          Attachment 2.png [ 54087 ]
          Hide
          smohan08 Mohan added a comment -

          Any help would be much appreciated

          Show
          smohan08 Mohan added a comment - Any help would be much appreciated
          markewaite Mark Waite made changes -
          Assignee Natasha Stopa [ stopalopa ]
          Hide
          markewaite Mark Waite added a comment -

          My best suggestion is to not try to run Jenkins under tomcat. Run it as a separate application so that you don't need to wrestle with Tomcat configuration.

          If you need a reverse proxy between the user and Jenkins, consider nginx, Apache, HAProxy, or Squid as described in reverse proxy configuration.

          Show
          markewaite Mark Waite added a comment - My best suggestion is to not try to run Jenkins under tomcat. Run it as a separate application so that you don't need to wrestle with Tomcat configuration. If you need a reverse proxy between the user and Jenkins, consider nginx, Apache, HAProxy, or Squid as described in reverse proxy configuration .
          Hide
          smohan08 Mohan added a comment - - edited

          We have been running our jenkins under tomcat for last 10 years until we upgrade our jenkins from 2.235.5 (LTS) to 2.263.1-LTS we had no issue.

          Sure we will consider to move out of tomcat.

          Nginx reverse proxy side seems no issues, because i have tested without nginx reverse proxy even in that too facing same problem.

          it looks CSRF is causing issue with tomcat. still digging. hopefully will sorted out.

           

          Show
          smohan08 Mohan added a comment - - edited We have been running our jenkins under tomcat for last 10 years until we upgrade our jenkins from 2.235.5 (LTS) to 2.263.1-LTS we had no issue. Sure we will consider to move out of tomcat. Nginx reverse proxy side seems no issues, because i have tested without nginx reverse proxy even in that too facing same problem. it looks CSRF is causing issue with tomcat. still digging. hopefully will sorted out.  
          markewaite Mark Waite made changes -
          Summary Configure Systems - Apply and Save not working Configure Systems - Apply and Save not working with tomcat
          Hide
          smohan08 Mohan added a comment - - edited

          Tested with Jenkins - 2.235.5-LTS and with same version of apache-tomcat-9.0.43 here there is no issue.

          Show
          smohan08 Mohan added a comment - - edited Tested with Jenkins - 2.235.5-LTS and with same version of apache-tomcat-9.0.43 here there is no issue.
          smohan08 Mohan made changes -
          Labels 403 configuration crumb csrf jenkins 403 configuration crumb csrf jenkins tomcat

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            smohan08 Mohan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: