Jenkins giving 403 in EC2 Server after passing the crumb in the request headers
Question
I am using the CSRF Jenkins crumbs in the API call to create a new job in Jenkins from Java.
I tried the following:
Called the API to get the crumb data
> http://admin:11542c80972c3a2b863453d234de68b1d@10.139.163.33/crumbIssuer/api/json

I also tried with the below URL
> http://10.139.163.33/crumbIssuer/api/json

The below is the JSON response obtained from the server:
```json
{"_class":"hudson.security.csrf.DefaultCrumbIssuer","crumb":"b272a09b604e7b7cc8ee1431f0a0143fa1422db2fb5f92955b0356a31da37463","crumbRequestField":"Jenkins-Crumb"}
```
In the next step, I am making a call to Jenkins to create a new job with the header as
```
Jenkins-Crumb:b272a09b604e7b7cc8ee1431f0a0143fa1422db2fb5f92955b0356a31da37463
```
Jenkins is giving me 403. I am using HttpGet to get the token and using HttpPost with the header as above and sending to Jenkins.
When I try with Postman, it is not giving this error. I am running the Java application on one EC2 server and Jenkins on another EC2 server.
There are no proxies. I also tried to use the various options like enabling proxy compatibility, restarting Jenkins etc., but it is not working.
Please give any pointers.
Java code used is
```java
// Build the job-creation POST with Basic auth and the crumb header
HttpPost postRequest = new HttpPost(url);
JenkinsCrumb crumb = jenkinsHelper.getCrumb();
String encodedPassword = Base64.getEncoder().encodeToString((user + ":" + pwd).getBytes());
postRequest.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedPassword);
postRequest.addHeader(new BasicHeader(crumb.getCrumbRequestField(), crumb.getCrumb()));
return postRequest;
```
The code to get the crumb is
```java
// Fetch the crumb; credentials are sent both in the URL and in the Authorization header
String urlWithToken = "http://" + (user + ":" + pwd) + "@";
HttpGet request = new HttpGet(jenkinsBaseUrl.replace("http://", urlWithToken) + "crumbIssuer/api/json");
request.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodedPassword);
CloseableHttpResponse httpResponse = httpClient.execute(request);
```
I have also tried with the curl command and am still getting the same response.
Answer 1
Score: 2
I was able to fix this issue by using the same HttpClient (CloseableHttpClient) for both the crumb and the POST request. Earlier, I was using 2 separate clients, one for getting the crumb and a new one for posting the data. Using a shared HttpClient for both of these resulted in a success state.
Hope this helps any other developer facing a similar issue.
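Why sharing the client fixes the 403, as an added example that is not part of the original post: current Jenkins releases bind a crumb to the web session it was issued in, so the POST must carry the session cookie returned with the crumb. The sketch uses only JDK classes; the in-process stub server, its UUID crumbs and the class name `CrumbSessionDemo` are constructed stand-ins for Jenkins, not its real implementation.

```java
import com.sun.net.httpserver.HttpServer;
import java.net.*;
import java.net.http.*;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;

public class CrumbSessionDemo {
    // Constructed stand-in for Jenkins: each crumb is valid only with the session cookie issued alongside it.
    static final Map<String, String> crumbBySession = new ConcurrentHashMap<>();

    static HttpServer startStub() throws Exception {
        HttpServer s = HttpServer.create(new InetSocketAddress("127.0.0.1", 0), 0);
        s.createContext("/crumbIssuer/api/json", ex -> {
            String sid = UUID.randomUUID().toString(), crumb = UUID.randomUUID().toString();
            crumbBySession.put(sid, crumb);
            ex.getResponseHeaders().add("Set-Cookie", "JSESSIONID=" + sid + "; Path=/");
            byte[] body = crumb.getBytes();
            ex.sendResponseHeaders(200, body.length);
            ex.getResponseBody().write(body);
            ex.close();
        });
        s.createContext("/createItem", ex -> {
            String cookie = ex.getRequestHeaders().getFirst("Cookie");
            String sid = cookie == null ? "" : cookie.replaceFirst(".*JSESSIONID=([^;]+).*", "$1");
            String sent = ex.getRequestHeaders().getFirst("Jenkins-Crumb");
            boolean ok = sent != null && sent.equals(crumbBySession.get(sid));
            ex.sendResponseHeaders(ok ? 200 : 403, -1); // 403 when crumb and session do not match
            ex.close();
        });
        s.start();
        return s;
    }

    static int post(HttpClient c, String base, String crumb) throws Exception {
        HttpRequest r = HttpRequest.newBuilder(URI.create(base + "/createItem?name=demo"))
                .header("Jenkins-Crumb", crumb).POST(HttpRequest.BodyPublishers.noBody()).build();
        return c.send(r, HttpResponse.BodyHandlers.discarding()).statusCode();
    }

    public static void main(String[] args) throws Exception {
        HttpServer stub = startStub();
        String base = "http://127.0.0.1:" + stub.getAddress().getPort();
        HttpClient shared = HttpClient.newBuilder().cookieHandler(new CookieManager()).build();
        HttpRequest get = HttpRequest.newBuilder(URI.create(base + "/crumbIssuer/api/json")).build();
        String crumb = shared.send(get, HttpResponse.BodyHandlers.ofString()).body();
        System.out.println("new client, no session cookie -> " + post(HttpClient.newHttpClient(), base, crumb));
        System.out.println("same client, session cookie   -> " + post(shared, base, crumb));
        stub.stop(0);
    }
}
```

With Apache HttpClient the same effect comes from reusing one `CloseableHttpClient`, since each client instance keeps its own cookie store.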