jenkins - 请求中没有包含有效的面包屑

问题描述

我的 Crumb.sh 文件是：

    crumb=$(curl -u "jenkins:pwd" -s 'http://yuvi_jenkins:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
    echo $crumb
    curl -u "jenkins:pwd" -H "$crumb" -X POST http://yuvi_jenkins:8080/job/ansible-project/build?delay=0sec

我得到的输出是：

Jenkins-Crumb:d3950e9f61bc9dd88fba532c17dba1ce220be11b92d78e720464afd38021a3fb


<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 403 No valid crumb was included in the request</title>
</head>
<body><h2>HTTP ERROR 403</h2>
<p>Problem accessing /job/ansible-project/build. Reason:
<pre> No valid crumb was included in the request</pre></p><hr><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.4.z-SNAPSHOT</a><hr/>

</body>
</html>

我尝试过的解决方案：

1) Probably you are accessing jenkins by proxy server, please do following

    Go to "Global Security Settings"
    Check "Enables the Compatibilty Mode for proxies".
    Restart

2) To resolve this issue I unchecked "Prevent Cross Site Request Forgery exploits" in jenkins.com/configureSecurity section.

我已经尝试了上述解决方案，但仍然遇到同样的错误。

标签： jenkinscontinuous-integrationjenkins-pipelineubuntu-16.04jenkins-cli

根据此处的 Jenkins 文档，碎屑现在仅对创建它们的 Web 会话有效。为了解决这个问题，您可以在发出 crumb 请求时存储 cookie，然后在进行后续 API 调用时使用这些存储的 cookie。所以你的脚本会变成：

crumb=$(curl --cookie-jar ./cookie -u "jenkins:pwd" -s 'http://yuvi_jenkins:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
curl --cookie ./cookie -u "jenkins:pwd" -H "$crumb" -X POST http://yuvi_jenkins:8080/job/ansible-project/build?delay=0sec

或者，我链接的文档建议将系统属性设置hudson.security.csrf.DefaultCrumbIssuer.EXCLUDE_SESSION_ID为true，或使用 Strict Crumb Issuer Plugin 将 crumb 验证更改为使用时间而不是会话 ID

感谢https://github.com/spinnaker/spinnaker/issues/2067#issuecomment-544993648帮助我解决了同样的问题

jenkins - 请求中没有包含有效的面包屑 - Jenkins 403

问题描述

解决方案

推荐阅读