Re: HTTP Status 403 – Forbidden error

[Mohan]

It looks security feature included in *2.263.1(LTS) version,**and that
required authentication even for tomcat.*

1) Under Configure Global security --> CSRF Protection -->Enable proxy
compatibility( Tick marked Enabled).
2) hudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION
= true
3) Installed the Strict Crumb Issuer plugin.
   Enabled this plugin and uncheck Check the session ID from its
configuration (Under Jenkins Configure Global Security).
4) Restated the Jenkins.

Have tried above workaround, however it didn't help.

Any other pointer to solve this would be helpful.


On Fri, 19 Feb 2021, 11:18 am Mark Waite,  wrote:

> You may need to investigate the settings on your tomcat server.  I would
> guess that it is somehow disrupting the flow of the crumb from Jenkins to
> the browser or from the browser to Jenkins.  I don't run Jenkins in tomcat,
> so I have no experience with diagnosing issues in tomcat.
>
> On Thu, Feb 18, 2021 at 10:35 PM Mk  wrote:
>
>> Thanks Mark. I have uninstalled the *MultiSCM plugin* and restarted the
>> service. However still i am experiencing the same problem*. (**Manage
>> Jenkins* --> *Configure Systems* section post any modification if i
>> click save button it fails). Now from systems log i can below above
>> errors disappeared.
>>
>> Feb 19, 2021 10:56:05 AM WARNING hudson.security.csrf.CrumbFilter doFilter
>> No valid crumb was included in request for /jenkins/configSubmit by
>> vasanth.guru. Returning 403.
>>
>> On Friday, February 19, 2021 at 10:31:23 AM UTC+5:30 Mark Waite wrote:
>>
>>> That null pointer exception seems likely to have been caused by one of
>>> the plugins that was updated.  Since it is mentioning LibraryConfiguration,
>>> SCMRetriever, and MultiSCM, you might first look at the
>>> workflow-cps-global-lib and the multiple-scms plugin to see if either of
>>> them were recently upgraded.
>>>
>>> The MultipleSCMs plugin has been deprecated.  Jenkins Pipeline is the
>>> better way to implement multiple SCM support from within a single job.
>>>
>>> Mark Waite
>>>
>>> On Thu, Feb 18, 2021 at 9:47 PM Mk  wrote:
>>>

 Hello Jenkins Community team,

 I am using *Jenkins - 2.263.1(LTS)* deployed through tomcat.

 I have upgraded few of the plugins yesterday since then i am facing
 following issue whenever i modify any settings under *Manage Jenkins*
 --> *Configure Systems* section if i click save button. it takes few
 mins and throws the below error.

 HTTP Status 403 – Forbidden
 Type Status Report
 Message No valid crumb was included in the request
 Description The server understood the request but refuses to authorize
 it.
 Apache Tomcat/9.0.30

 From jenkins systems log below message shown.

 Feb 18, 2021 7:52:13 AM WARNING
 hudson.ExpressionFactory2$JexlExpression evaluate

 Caught exception evaluating: h.filterDescriptors(it,attrs.descriptors)
 in /jenkins/configure. Reason: java.lang.NullPointerException: Descriptor
 list is null for context 'class hudson.model.Hudson' in thread 'Handling
 GET /jenkins/configure from 206.25.26.27 : http-nio-8080-exec-2
 Jenkins/configure.jelly GlobalLibraries/config.jelly
 LibraryConfiguration/config.jelly SCMRetriever/DescriptorImpl/config.jelly
 MultiSCM/DescriptorImpl/config.jelly'
 java.lang.NullPointerException: Descriptor list is null for context
 'class hudson.model.Hudson' in thread 'Handling GET /jenkins/configure from
 206.25.26.27 : http-nio-8080-exec-2 Jenkins/configure.jelly
 GlobalLibraries/config.jelly LibraryConfiguration/config.jelly
 SCMRetriever/DescriptorImpl/config.jelly
 MultiSCM/DescriptorImpl/config.jelly'
 at
 hudson.model.DescriptorVisibilityFilter.apply(DescriptorVisibilityFilter.java:73)
 at hudson.Functions.filterDescriptors(Functions.java:2122)
 at sun.reflect.GeneratedMethodAccessor308.invoke(Unknown Source)
 at
 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:498)

 Under *Configure Global security --> CSRF Protection -->Enable proxy
 compatibility*(Enabled). Still same problem persists. Therefore please
 help me to solve this issue.

 Thanks in advance.

 --
 You received this message because you are subscribed to the Google
 Groups "Jenkins Users" group.
 To unsubscribe from this group and stop receiving emails from it, send
 an email to jenkinsci-use...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/jenkinsci-users/5813788e-3157-45f5-b2d4-f906b3ce8228n%40googlegroups.com
 
 .

>>> --
>> You received this message because you are subscribed 

Jenkins Shared Libraries vs Cloudbees Pipeline Templates

[Ashish Sharma]

Hello Community,

As we move towards standardizing pipeline code across various project teams 
and repo, we are looking to use common reusable code for pipeline.

Since we are using cloudbees core, we have access to cloudbees pipeline 
templates / catalogue as well.

Do we have any suggestions on using shared libraries vs pipeline templates, 
do they co exist? Does anyone has working experience in this area?

FYI, Have gone through this post, but still not able to get clarity on this 
query.

https://www.cloudbees.com/blog/pipeline-as-code

Thanks,

Ashish

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/213cfc00-1677-4dba-b20f-2bd9696c0b8dn%40googlegroups.com.