search

ghale / gradle-jenkins-plugin

Gradle plugin to programmatically configure Jenkins jobs.
123 stars 42 forks source link

Jenkins 2.0 and Gradle 2.13 "No valid crumb was included in the request" #78

Open emartynov opened 8 years ago

emartynov commented 8 years ago

I don't know if it is a coincidence of two tools newest versions.

I'm getting error when trying to update jenkins items:

17:48:52.012 [DEBUG] [groovyx.net.http.RESTClient] POST http://localhost:8080/createItem?name=android-lov-545-login-tree-structure
17:48:52.012 [DEBUG] [org.apache.http.impl.conn.BasicClientConnectionManager] Get connection for route {}->http://localhost:8080
17:48:52.012 [DEBUG] [org.apache.http.impl.client.DefaultHttpClient] Stale connection check
17:48:52.014 [DEBUG] [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
17:48:52.014 [DEBUG] [org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
17:48:52.014 [DEBUG] [org.apache.http.client.protocol.RequestTargetAuthentication] Target auth state: UNCHALLENGED
17:48:52.014 [DEBUG] [org.apache.http.client.protocol.RequestProxyAuthentication] Proxy auth state: UNCHALLENGED
17:48:52.014 [DEBUG] [org.apache.http.impl.client.DefaultHttpClient] Attempt 1 to execute request
17:48:52.014 [DEBUG] [org.apache.http.impl.conn.DefaultClientConnection] Sending request: POST /createItem?name=android-lov-545-login-tree-structure HTTP/1.1
17:48:52.117 [DEBUG] [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 403 No valid crumb was included in the request
feyrob commented 8 years ago

Disabling security on the Jenkins server allowed me to work around this.

page: http://localhost:8080/configureSecurity/

options I changed

Depending on your use case that might not be acceptable though.

I'm using Jenking 2.0 (downloaded on 2016-04-28).

emartynov commented 8 years ago

Thanks, I found the same solution and it is acceptable for our case.

tianxiexingyun commented 7 years ago

Thanks @feyrob . Your answer help us a lot.

atom-b commented 7 years ago

Only setting "Prevent Cross Site Request Forgery exploits" to false worked for me, no need to disable global security entirely. Jenkins 2.7.4.

pjois14 commented 7 years ago

Thansk @feyrob ..It Worked...

bentcoder commented 7 years ago

I don't like the solutions above for security reasons so no need to disable security stuff as shown here: http://www.inanzzz.com/index.php/post/jnrg/running-jenkins-build-via-command-line

costimuraru commented 6 years ago

It would be great if the plugin would generate a crumb on its own. Having to turn off "Prevent Cross Site Request Forgery exploits" to get around this issue seems too much.

gotoworld commented 6 years ago

Only setting "Prevent Cross Site Request Forgery exploits" to false worked for me too

crc83 commented 6 years ago

Corrected here for version 1.4.3: https://github.com/crc83/gradle-jenkins-plugin You may find this plugin here https://plugins.gradle.org/plugin/com.sbelei.jenkins