Build Jenkins RTC6.0.2 Error Expected code 200 OK but received code 403 with message: Forbidden
Hello,
Connection test requested.
Connecting to: https://jenkins.server.com
Found header: X-Jenkins - 2.7.2
Found header: X-Hudson - 1.395
Test connection SUCCESSFUL!
When we are strating build from Jenkins Server the build is succesfull.
When we try to start a build from RTC Server we are getting this error :
Error starting Hudson/Jenkins build for job "kpi/job/build-nightly":
java.io.IOException: Error submitting build to Hudson/Jenkins. Expected code 200 OK but received code 403 with message: Forbidden
at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopRunnable.startHudsonBuild(HudsonBuildLoopRunnable.java:562)
at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopRunnable.processRequest(HudsonBuildLoopRunnable.java:225)
at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopRunnable.run(HudsonBuildLoopRunnable.java:143)
at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopScheduledTask.runTask(HudsonBuildLoopScheduledTask.java:45)
at com.ibm.team.repository.service.async.AbstractAutoScheduledTask.executeTask(AbstractAutoScheduledTask.java:96)
at sun.reflect.GeneratedMethodAccessor189.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
at java.lang.reflect.Method.invoke(Method.java:620)
at org.eclipse.soda.sat.core.internal.record.ExportProxyServiceRecord.invoke(ExportProxyServiceRecord.java:361)
at org.eclipse.soda.sat.core.internal.record.ExportProxyServiceRecord.access$0(ExportProxyServiceRecord.java:347)
at org.eclipse.soda.sat.core.internal.record.ExportProxyServiceRecord$ExportedServiceInvocationHandler.invoke(ExportProxyServiceRecord.java:56)
at com.sun.proxy.$Proxy1257.executeTask(Unknown Source)
at com.ibm.team.repository.service.internal.scheduler.AsynchronousTaskRunner.runTask(AsynchronousTaskRunner.java:185)
at com.ibm.team.repository.service.internal.scheduler.AsynchronousTaskRunner.run(AsynchronousTaskRunner.java:138)
at java.lang.Thread.run(Thread.java:809)
We are having the issue in the title with :When we test our connection from RTC to Jenkins server it is OK :
Jazz RTC 6.0.2
Jenkins 2.7.2
Connection test requested.
Connecting to: https://jenkins.server.com
Found header: X-Jenkins - 2.7.2
Found header: X-Hudson - 1.395
Test connection SUCCESSFUL!
When we are strating build from Jenkins Server the build is succesfull.
When we try to start a build from RTC Server we are getting this error :
Error starting Hudson/Jenkins build for job "kpi/job/build-nightly":
java.io.IOException: Error submitting build to Hudson/Jenkins. Expected code 200 OK but received code 403 with message: Forbidden
at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopRunnable.startHudsonBuild(HudsonBuildLoopRunnable.java:562)
at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopRunnable.processRequest(HudsonBuildLoopRunnable.java:225)
at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopRunnable.run(HudsonBuildLoopRunnable.java:143)
at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopScheduledTask.runTask(HudsonBuildLoopScheduledTask.java:45)
at com.ibm.team.repository.service.async.AbstractAutoScheduledTask.executeTask(AbstractAutoScheduledTask.java:96)
at sun.reflect.GeneratedMethodAccessor189.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
at java.lang.reflect.Method.invoke(Method.java:620)
at org.eclipse.soda.sat.core.internal.record.ExportProxyServiceRecord.invoke(ExportProxyServiceRecord.java:361)
at org.eclipse.soda.sat.core.internal.record.ExportProxyServiceRecord.access$0(ExportProxyServiceRecord.java:347)
at org.eclipse.soda.sat.core.internal.record.ExportProxyServiceRecord$ExportedServiceInvocationHandler.invoke(ExportProxyServiceRecord.java:56)
at com.sun.proxy.$Proxy1257.executeTask(Unknown Source)
at com.ibm.team.repository.service.internal.scheduler.AsynchronousTaskRunner.runTask(AsynchronousTaskRunner.java:185)
at com.ibm.team.repository.service.internal.scheduler.AsynchronousTaskRunner.run(AsynchronousTaskRunner.java:138)
at java.lang.Thread.run(Thread.java:809)
3 answers
The problem is likely a permissions issue. Since the connection test worked its probably not an issue the Jenkins user is likely okay, but may not have the proper permissions to the Jenkins project to start it. I would check to see what user you used to start the job directly on the server and use that same user for the Jenkins engine. If that works, then return to the dedicated Jenkins build user and make sure it has all the required permissions for the job.
~Spencer
~Spencer
Comments
Hello Spencer,
Thank ou for your reply.
The user that we are using to test the connection and to start a build jobs in Jenkins is the same. He has admin rights over the Jenkins server.
I think the problem is not on the Jenkins side, because when we start the builds from Jenkins everything is OK ...
Regards,
Boyan
Like Spencer suggested, this seems to be a permission issue.
Can you please confirm that the credentials that you are using to start builds from Jenkins is same as the credentials configured for Jenkins build engine in RTC. In spite of the user being a Jenkins administrator, your security settings might restrict permission to start a build, only to particular users or groups.
Regards,
Sridevi
Can you please confirm that the credentials that you are using to start builds from Jenkins is same as the credentials configured for Jenkins build engine in RTC. In spite of the user being a Jenkins administrator, your security settings might restrict permission to start a build, only to particular users or groups.
Regards,
Sridevi
CHECK CSRF:
We faced the same issue: restarting the jenkins server triggered that same error message.
It appeared to be the result of the 'SECURITY-626: Improved CSRF protection' Jenkins security enhancement.
An immediate solution (workaround or actual fix depending on your security requirements) is the following:
- as a jenkins administrator, uncheck the 'csrf protection' box of the 'configureSecurity' administration web page ("Manage Jenkins"->"Configure Global Security").
- request a new rtc build.
Notice: the jenkins logs had provided the clue for that solution with that kind of message: "WARNING hudson.security.csrf.CrumbFilter#doFilter: No valid crumb was included in request for /job/myjob/buildWithParameters by rtcuser. Returning 403."
- request a new rtc build.
Notice: the jenkins logs had provided the clue for that solution with that kind of message: "WARNING hudson.security.csrf.CrumbFilter#doFilter: No valid crumb was included in request for /job/myjob/buildWithParameters by rtcuser. Returning 403."