Jenkins

Jenkins:開啟全域安全後訪問被拒絕。如何還原?

  • January 2, 2018

需要幫助弄清楚這一點。我該如何解決這個問題?我想我啟用了全域安全性並立即看到了這個錯誤。

(在訪問 localhost:8080 時,我得到以下資訊……)

A problem occurred while processing the request. Please check our bug tracker to see if a similar problem has already been reported. If it is already reported, please vote and put a comment on it to let us gauge the impact of the problem. If you think this is a new issue, please file a new issue. When you file an issue, make sure to add the entire stack trace, along with the version of Jenkins and relevant plugins. The users list might be also useful in understanding what has happened.

Stack trace
hudson.security.AccessDeniedException2: anonymous is missing the Overall/Read permission
   at hudson.security.ACL.checkPermission(ACL.java:54)
   at hudson.model.Node.checkPermission(Node.java:418)
   at jenkins.model.Jenkins.getTarget(Jenkins.java:3658)
   at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:656)
   at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
   at org.kohsuke.stapler.Stapler.invoke(Stapler.java:631)
   at org.kohsuke.stapler.Stapler.service(Stapler.java:225)
   at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
   at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686)
   at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494)
   at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:96)
   at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:88)
   at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
   at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48)
   at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
   at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
   at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
   at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
   at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
   at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
   at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
   at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
   at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474)
   at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
   at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
   at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)
   at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
   at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
   at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
   at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
   at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
   at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
   at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
   at org.eclipse.jetty.server.Server.handle(Server.java:370)
   at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489)
   at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949)
   at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011)
   at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)
   at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
   at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
   at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668)
   at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
   at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
   at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
   at java.lang.Thread.run(Thread.java:695)

編輯 config.xml 並將以下兩個 xml 標籤替換為以下版本。然後重啟你的伺服器。

 <authorizationStrategy class="hudson.security.AuthorizationStrategy$Unsecured"/>
 <securityRealm class="hudson.security.SecurityRealm$None"/>

請注意,您現有的標籤可能每個都跨越幾行。

您收到此錯誤是因為您啟用了安全性但沒有任何具有權限的使用者。要解決這個問題,首先編輯config.xml並設置useSecurityfalse

我假設您想使用本地身份驗證(使用者的本地數據庫)而不是外部數據庫(即 LDAP)。請按照以下從Jenkins 文件中獲取的步驟操作。

  1. 轉到“配置全域安全性”螢幕 ( http://server/jenkins/configureSecurity/ ) 並選擇“啟用安全性”。另一個可以嘗試的 URL 是http://server:8080/configureSecurity
  2. 選擇“Jenkins自己的使用者數據庫”作為安全領域
  3. 在“允許使用者註冊”旁邊打勾
  4. 選擇“基於矩陣的安全”作為授權
  5. 授予匿名使用者讀取權限
  6. 在表格下方的文本框中,輸入您的使用者名(稍後將創建)並點擊“添加”
  7. 通過檢查您的使用者名的整行來授予自己完全訪問權限
  8. 一直滾動到底部,點擊“保存”

使用版本 1.566 測試。

我建議恢復已接受答案中建議的更改,因為它可能會影響上述步驟。

引用自:https://serverfault.com/questions/556664

相關問答

Ansible

是否需要 Jenkins Debian Repo 密鑰

  • July 18, 2022
檢視問答
Windows-Server-2012

Jenkins Slave 在建構期間離線

  • April 28, 2022
檢視問答
Git

在聲明性 Jenkins 管道中使用 GIT 變數

  • April 26, 2022
檢視問答
Scripting

如何從命令行檢查 Jenkins 建構的建構狀態?

  • March 2, 2022
檢視問答
Service

runit 不會在 sv stop 或 sv reload 時終止程序

  • January 28, 2022
檢視問答
Jenkins

Jenkins CLI .jar 文件儲存在伺服器的什麼位置?

  • January 13, 2022
檢視問答