It's all about the answers!

Ask a question

Build Jenkins RTC6.0.2 Error Expected code 200 OK but received code 403 with message: Forbidden


Boyan Petrov (1112) | asked Oct 19 '16, 12:47 p.m.
edited Oct 19 '16, 12:48 p.m.
Hello,
We are having the issue in the title with :
     Jazz RTC 6.0.2
     Jenkins 2.7.2
When we test our connection from RTC to Jenkins server it is OK :

Connection test requested.
    Connecting to: https://jenkins.server.com
    Found header: X-Jenkins - 2.7.2
    Found header: X-Hudson - 1.395
    Test connection SUCCESSFUL!


When we are strating build from Jenkins Server the build is succesfull.

When we try to start a build from RTC Server we are getting this error :

Error starting Hudson/Jenkins build for job "kpi/job/build-nightly":
java.io.IOException: Error submitting build to Hudson/Jenkins. Expected code 200 OK but received code 403 with message: Forbidden
    at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopRunnable.startHudsonBuild(HudsonBuildLoopRunnable.java:562)
    at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopRunnable.processRequest(HudsonBuildLoopRunnable.java:225)
    at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopRunnable.run(HudsonBuildLoopRunnable.java:143)
    at com.ibm.rational.hudson.team.internal.service.HudsonBuildLoopScheduledTask.runTask(HudsonBuildLoopScheduledTask.java:45)
    at com.ibm.team.repository.service.async.AbstractAutoScheduledTask.executeTask(AbstractAutoScheduledTask.java:96)
    at sun.reflect.GeneratedMethodAccessor189.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
    at java.lang.reflect.Method.invoke(Method.java:620)
    at org.eclipse.soda.sat.core.internal.record.ExportProxyServiceRecord.invoke(ExportProxyServiceRecord.java:361)
    at org.eclipse.soda.sat.core.internal.record.ExportProxyServiceRecord.access$0(ExportProxyServiceRecord.java:347)
    at org.eclipse.soda.sat.core.internal.record.ExportProxyServiceRecord$ExportedServiceInvocationHandler.invoke(ExportProxyServiceRecord.java:56)
    at com.sun.proxy.$Proxy1257.executeTask(Unknown Source)
    at com.ibm.team.repository.service.internal.scheduler.AsynchronousTaskRunner.runTask(AsynchronousTaskRunner.java:185)
    at com.ibm.team.repository.service.internal.scheduler.AsynchronousTaskRunner.run(AsynchronousTaskRunner.java:138)
    at java.lang.Thread.run(Thread.java:809)

3 answers



permanent link
Spencer Murata (2.3k115971) | answered Oct 19 '16, 3:27 p.m.
FORUM MODERATOR / JAZZ DEVELOPER
The problem is likely a permissions issue.  Since the connection test worked its probably not an issue the Jenkins user is likely okay, but may not have the proper permissions to the Jenkins project to start it.  I would check to see what user you used to start the job directly on the server and use that same user for the Jenkins engine.  If that works, then return to the dedicated Jenkins build user and make sure it has all the required permissions for the job.

~Spencer 

Comments
Boyan Petrov commented Oct 20 '16, 3:49 a.m.

Hello Spencer,
Thank ou for your reply.
The user that we are using to test the connection and to start a build jobs in Jenkins is the same. He has admin rights over the Jenkins server.
I think the problem is not on the Jenkins side, because when we start the builds from Jenkins everything is OK ...

Regards,
Boyan


permanent link
Sridevi Sangaiah (59179) | answered Oct 21 '16, 7:00 a.m.
JAZZ DEVELOPER
Like Spencer suggested, this seems to be a permission issue.

Can you please confirm that the credentials that you are using to start builds from Jenkins is same as the credentials configured for Jenkins build engine in RTC. In spite of the user being a Jenkins administrator, your security settings might restrict permission to start a build, only to particular users or groups.

Regards,
Sridevi

permanent link
michel latournerie (11) | answered Jan 15 '20, 2:00 p.m.

CHECK CSRF:
We faced the same issue: restarting the jenkins server triggered that same error message.
It appeared to be the result of the 'SECURITY-626: Improved CSRF protection' Jenkins security enhancement.


An immediate solution (workaround or actual fix depending on your security requirements) is the following:
- as a jenkins administrator, uncheck the 'csrf protection' box of the 'configureSecurity' administration web page ("Manage Jenkins"->"Configure Global Security").
- request a new rtc build.

Notice: the jenkins logs had provided the clue for that solution with that kind of message: "WARNING hudson.security.csrf.CrumbFilter#doFilter: No valid crumb was included in request for /job/myjob/buildWithParameters by rtcuser. Returning 403."

Your answer


Register or to post your answer.