请求中未包含有效面包屑-Jenkins 403

问题描述 投票:0回答:1

我的Crumb.sh文件是:

    crumb=$(curl -u "jenkins:pwd" -s 'http://yuvi_jenkins:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
    echo $crumb
    curl -u "jenkins:pwd" -H "$crumb" -X POST http://yuvi_jenkins:8080/job/ansible-project/build?delay=0sec

我得到的输出是:

Jenkins-Crumb:d3950e9f61bc9dd88fba532c17dba1ce220be11b92d78e720464afd38021a3fb


<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 403 No valid crumb was included in the request</title>
</head>
<body><h2>HTTP ERROR 403</h2>
<p>Problem accessing /job/ansible-project/build. Reason:
<pre> No valid crumb was included in the request</pre></p><hr><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.4.z-SNAPSHOT</a><hr/>

</body>
</html>

我尝试过的解决方案:

1) Probably you are accessing jenkins by proxy server, please do following

    Go to "Global Security Settings"
    Check "Enables the Compatibilty Mode for proxies".
    Restart

2) To resolve this issue I unchecked "Prevent Cross Site Request Forgery exploits" in jenkins.com/configureSecurity section.

我已经尝试了上述解决方案,但仍然遇到相同的错误。

jenkins continuous-integration jenkins-pipeline ubuntu-16.04 jenkins-cli
1个回答
0
投票

根据Jenkins文档here,碎屑现在仅对创建碎屑的Web会话有效。为了解决这个问题,您可以在发出面包屑请求时存储cookie,然后在进行后续API调用时使用存储的cookie。因此您的脚本将变为:

crumb=$(curl --cookie-jar ./cookie -u "jenkins:pwd" -s 'http://yuvi_jenkins:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
curl --cookie ./cookie -u "jenkins:pwd" -H "$crumb" -X POST http://yuvi_jenkins:8080/job/ansible-project/build?delay=0sec

或者,我链接的文档建议将系统属性hudson.security.csrf.DefaultCrumbIssuer.EXCLUDE_SESSION_ID设置为true,或使用严格的Crumb Issuer插件来更改Crumb验证以使用诸如时间而不是会话ID之类的东西

感谢https://github.com/spinnaker/spinnaker/issues/2067#issuecomment-544993648帮助我解决了相同的问题

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.