![]() |
|
|
|
|
Change By:
|
Pardeep Chahal
(25/Jan/13 6:42 AM)
|
|
Description:
|
Jenkins runs fine standalone with openID as security realm but Jenkins starts giving issues when it runs behind apache2 (ssl)and openID is enabled.
Instead of going to apache URL it redirects to Jenkins original URL and failed to launch.
for example when Jenkins runs behind proxy it redirects to https://build.xyx/jenkins but when open ID is enabled it goes to http://ip_address:8080/jenkins and failed to launch.
When I try to use openID SSO as security realm in Jenkins and use provider url as - https://www.google.com/accounts/o8/id, I get below error while launching Jenkins -
http://IP:8080/jenkins/securityRealm/finishLogin?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=2013-01-25T05%3A27%3A23ZHqUBL2t2TULPjQ&openid.return_to=http%3A%2F%2FIP%3A8080%2Fjenkins%2FsecurityRealm%2FfinishLogin&openid.assoc_handle=AMlYA9Wdp9pT9NLHLYeMhEF0KYu4mQW5lFaniafOkn6leUUrn8_X_k8LsDfJuw16gU_tX2Zy&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle%2Cns.ext1%2Cext1.mode%2Cext1.type.email%2Cext1.value.email%2Cext1.type.firstName%2Cext1.value.firstName%2Cext1.type.lastName%2Cext1.value.lastName&openid.sig=5KqqDrmYfcWCw8%2B92YcMH9t48qSrs3hqt%2BYhIbVUkhU%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3DAItOawmqs8g_JhXH7jDfZbzyHlaKbglun-1_grQ&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3DAItOawmqs8g_JhXH7jDfZbzyHlaKbglun-1_grQ&openid.ns.ext1=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&openid.ext1.mode=fetch_response&openid.ext1.type.email=http%3A%2F%2Fschema.openid.net%2Fcontact%2Femail&openid.ext1.value.email=pardeep.chahal%40hcentive.com&openid.ext1.type.firstName=http%3A%2F%2Faxschema.org%2FnamePerson%2Ffirst&openid.ext1.value.firstName=Pardeep&openid.ext1.type.lastName=http%3A%2F%2Faxschema.org%2FnamePerson%2Flast&openid.ext1.value.lastName=Chahal
I have installed 1.480.2 version of jenkins
Orginial URL of Jenkins - http://hostIP:8080/jenkins
When access via apache - https://dns_name/
jenkis
jenkins
Examining the code of openIDsession.java, it looks like the receivingURL is being pulled from the deployed and not from the url which was sent. Changing( String receivingURL = Hudson.getInstance().getRootUrl() + this.finishUrl;) would likely solve the problem.
Let me know if further details are required
Please suggest how to overcome this issue.
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
