Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Jenkins build : Expected code 200 OK but received code 403 with message: Forbidden

Questions
Tags
Users
Badges
Rakesh A
(33533) Jul 08 '20, 6:41 a.m.
Hello,
  I am using Jenkins 2.235.1 & RTC server is 6.0.6.1 IFIX 010. I am triggering a build in build definition from Client. I am getting below error. But works fine If build is triggered from Jenkins directly. What could be the problem ?

java.io.IOException: Error submitting build to Hudson/Jenkins. Expected code 200 OK but received code 403 with message: Forbidden

0 votes

3 answers
6,307 views
0 votes

Accepted answer

Permanent link
Dinesh Kumar B
JAZZ DEVELOPER (4.1k413) Jul 09 '20, 8:35 a.m.
Hi Rakesh,

With more recent versions of Jenkins, additional security is enforced by default to prevent Cross Site Request Forgery.  Since you are on 2.235, I believe that restrictions is what preventing the request form RTC to Jenkins.

Check if "Prevent Cross Site Request Forgery exploits" is enabled on your Jenkins Server.  To reach this option on Jenkins, you can follow : Jenkins Home Page >> Manage Jenkins >> Configure Global Security >> Look under the section named "CSRF Protection".

If you find "Prevent Cross Site Request Forgery exploits" is enabled, disable it and try the build request.


Also, I have noticed that sometimes, removing the checkbox does not always remove the enforced security., and you may have to do it using the Script Console., if you do see that the unchecking "Prevent Cross Site Request Forgery exploits" did not help, you may want to try the script console...

Open “Manage Jenkins”/“Script Console” and enter the following script there
import jenkins.model.Jenkins
def instance = Jenkins.instance
instance.setCrumbIssuer(null)
println("done")
under results you should see the text “done”, now retry the failing operation again….

hope you build succeeds now...
Rakesh A selected this answer as the correct answer

0 votes

Comments
Ralph Schoon
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Dec 08 '20, 4:34 a.m.
Note, you must create an API token for the user and use that in the Build engine definition. See

2 other answers

Permanent link
Ralph Schoon
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER (63.9k33648) Jul 08 '20, 7:08 a.m.
When RTC requests a build, it has to communicate to the Jenkins Server. The configuration for that is likely incorrect. It was correct, but no more. E.g. the user used to talk to Jenkins or the password is changed.

The Jenkins integration needs to be configured in a special build engine definition. And in the Build definition there is additional configuration. Check that configurations and test that RTC can talk to Jenkins.

0 votes

Permanent link
Karthikeyan P
(216) Sep 18 '20, 10:46 a.m.

 Hi Dinesh,


Disabling CSRF check is not a recommended practice right? We did try that and it worked. We reversed it back. Is there any other way we can avoid this CSRF issue between Jenkins and RTC? 
We are able to successfully trigger build from Jenkins. But when we try the other way i.e from RTC, it is throwing 403 forbidden error "Caused by: com.ibm.team.build.common.TeamBuildException: Error posting XML document to Hudson/Jenkins site. Received code 403 with message: Forbidden". 

Thanks and Regards,
Karthikeyan P

0 votes

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 6,121
× 15

Question asked: Jul 08 '20, 6:41 a.m.

Question was seen: 6,307 times

Last updated: Dec 08 '20, 4:34 a.m.

Confirmation Cancel Confirm