Bug 372596 - Hudson shows Unexpected response from Hudson server for '/api/xml': Forbidden when using authentication
Status: RESOLVED FIXED
Alias: None
Product: z_Archived
Classification: Eclipse Foundation
Component: Mylyn
Version: unspecified
Hardware: PC Windows 7
Importance: P3 normal
Target Milestone: 0.9
Assignee: Steffen Pingel CLA
Reported: 2012-02-26 09:02 EST by Andreas Schmidt CLA
Modified: 2012-03-07 17:05 EST

Attachments
Access right not working with Eclipse Builds (16.80 KB, image/png)
2012-02-26 09:06 EST, Andreas Schmidt CLA
Access rights working with Eclipse Builds (17.67 KB, image/png)
2012-02-26 09:07 EST, Andreas Schmidt CLA

Description Andreas Schmidt CLA 2012-02-26 09:02:56 EST
Build Identifier: Version: 3.7.2 Build id: M20120208-0800

If using the Hudson/Jenkins Builds connector with a username and password, I can validate the Settings and get the list of all build plans. 

My Jenkins 1.451 is configured to deny any access of anonymous users. So providing auth information in the Eclipse Build connector seems to work because I get a list of build plans.

But when refreshing the build plan list (click Refresh) or wanting to see the History of a build, I get the error message

Unexpected error: Unexpected response from Hudson server for '/api/xml': Forbidden
Unexpected response from Hudson server for '/api/xml': Forbidden

It only works if I configure Jenkins to allow the anonymous user to read job and build data.

Reproducible: Always

Steps to Reproduce:
1. Configure Jenkins/Hudson to deny anonymous user for everything
2. Create the Build-Server node in Eclipse Build View and provide username and password. Validate, select all build plans
3. Try to refresh the build list
Comment 1 Andreas Schmidt CLA 2012-02-26 09:06:38 EST
Created attachment 211636
Access right not working with Eclipse Builds
Comment 2 Andreas Schmidt CLA 2012-02-26 09:07:08 EST
Created attachment 211637
Access rights working with Eclipse Builds
Comment 3 Steffen Pingel CLA 2012-02-26 12:10:17 EST
Thanks for the feedback. I need some more information to investigate further. Which version of Mylyn are you using? Please verify that the problem persists if you use the latest weekly build which includes a number of authentication related improvements: http://eclipse.org/mylyn/downloads/#weekly .
Comment 4 Andreas Schmidt CLA 2012-02-26 14:16:04 EST
(In reply to comment #3)
> Thanks for the feedback. I need some more information to investigate further.
> Which version of Mylyn are you using? Please verify that the problem persists
> if you use the latest weekly build which includes a number of authentication
> related improvements: http://eclipse.org/mylyn/downloads/#weekly .

I've installed the weekly Mylyn plugins. I've used http://download.eclipse.org/mylyn/snapshots/weekly.

Here are my installation details (with this installation the Refresh from the build plan list fails):

   Mylyn Builds (Incubation)	0.9.0.I20120223-1148	org.eclipse.mylyn.builds.feature.group	Eclipse Mylyn

  Mylyn Builds Connector: Hudson/Jenkins (Incubation)	0.9.0.I20120223-1148	org.eclipse.mylyn.hudson.feature.group	Eclipse Mylyn

    Mylyn Commons Repositories HTTP Transport	0.9.0.I20120223-1148	org.eclipse.mylyn.commons.repositories.http.feature.group	Eclipse Mylyn

      Mylyn Commons Repositories	0.9.0.I20120223-1148	org.eclipse.mylyn.commons.repositories.feature.group	Eclipse Mylyn

  Mylyn Builds SDK (Incubation)	0.9.0.I20120223-1148	org.eclipse.mylyn.builds.sdk.feature.group	Eclipse Mylyn

  Mylyn Commons	3.7.0.I20120223-1148	org.eclipse.mylyn.commons.feature.group	Eclipse Mylyn


Do you need more information?
Comment 5 Andreas Schmidt CLA 2012-02-29 12:38:17 EST
(In reply to comment #3)
> Thanks for the feedback. I need some more information to investigate further.
> Which version of Mylyn are you using? Please verify that the problem persists
> if you use the latest weekly build which includes a number of authentication
> related improvements: http://eclipse.org/mylyn/downloads/#weekly .

Today I've updated my Mylyn plugins over the weekly update site. With the following plugin versions everything is working fine, even if I deny everything for the anonymous user.

  Mylyn Builds (Incubation)	0.9.0.I20120227-0631	org.eclipse.mylyn.builds.feature.group	Eclipse Mylyn

  Mylyn Builds Connector: Hudson/Jenkins (Incubation)	0.9.0.I20120227-0631	org.eclipse.mylyn.hudson.feature.group	Eclipse Mylyn

  Mylyn Builds SDK (Incubation)	0.9.0.I20120227-0631	org.eclipse.mylyn.builds.sdk.feature.group	Eclipse Mylyn

  Mylyn Commons	3.7.0.I20120227-0631	org.eclipse.mylyn.commons.feature.group	Eclipse Mylyn
Comment 6 Steffen Pingel CLA 2012-02-29 13:05:17 EST
Thanks for letting me know. There weren't any authentication related fixes in the Hudson connector in that particular build but I believe the HttpClient library was updated to a newer release as part of the update. Please let me know if you run into the problem again as this may occur intermittently.
Comment 7 Andreas Schmidt CLA 2012-02-29 15:16:04 EST
(In reply to comment #6)
> Thanks for letting me know. There weren't any authentication related fixes in
> the Hudson connector in that particular build but I believe the HttpClient
> library was updated to a newer release as part of the update. Please let me
> know if you run into the problem again as this may occur intermittently.

OK, you are right. After restarting my Jenkins server, the error came back. Now I have the same behaviour as before.
Comment 8 Steffen Pingel CLA 2012-03-01 05:01:00 EST
Do you have "Prevent Cross Site Request Forgery exploits" in the Jenkins settings enabled?
Comment 9 Andreas Schmidt CLA 2012-03-01 05:04:03 EST
(In reply to comment #8)
> Do you have "Prevent Cross Site Request Forgery exploits" in the Jenkins
> settings enabled?

No, this option is disabled in my configuration.
Comment 10 Steffen Pingel CLA 2012-03-01 16:17:21 EST
Thanks. I'll try to reproduce the problem.
Comment 11 Steffen Pingel CLA 2012-03-07 17:05:55 EST
I have pushed a fix that adds validation for the authentication cookie. I also added code to re-authenticate and retry requests in case of access forbidden errors. These can occur for instance when Hudson/Jenkins is restarted and all login sessions are expired even though cookies are still valid.

Andreas, please try the latest weekly build and reopen in case you are still experiencing the problem described in this bug.
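
The behaviour described in comment 11 (check that login yielded a usable cookie, then re-authenticate and retry when a request comes back forbidden), as an added Python sketch that is not Mylyn's code. `FakeBuildServer` and `BuildClient` are hypothetical names, and the server is a constructed in-memory stand-in for a Hudson/Jenkins instance with anonymous access denied.

```python
import secrets

class FakeBuildServer:
    """Constructed stand-in for a Hudson/Jenkins server with anonymous access denied."""
    def __init__(self, users):
        self.users, self.sessions, self.logins = users, {}, 0

    def login(self, user, password):
        self.logins += 1
        if self.users.get(user) != password:
            return 401, None
        sid = secrets.token_hex(16)
        self.sessions[sid] = user
        return 200, sid

    def get(self, path, cookie):
        # A cookie the server no longer knows is treated like an anonymous request.
        return (200, "<hudson/>") if cookie in self.sessions else (403, "Forbidden")

    def restart(self):
        self.sessions.clear()  # server-side sessions are lost; clients still hold cookies

class BuildClient:
    """Hypothetical client: validates the login cookie, retries once after a 403."""
    def __init__(self, server, user, password):
        self.server, self.user, self.password = server, user, password
        self.cookie = None

    def _authenticate(self):
        status, cookie = self.server.login(self.user, self.password)
        if status != 200 or not cookie:
            self.cookie = None
            raise PermissionError("login rejected, not retrying")
        self.cookie = cookie

    def get(self, path):
        if self.cookie is None:
            self._authenticate()
        status, body = self.server.get(path, self.cookie)
        if status == 403:
            # A stale session is indistinguishable from a real denial, so log in
            # again and retry exactly once; a second 403 is a genuine refusal.
            self._authenticate()
            status, body = self.server.get(path, self.cookie)
        if status != 200:
            raise PermissionError(f"{path}: HTTP {status}")
        return body
```

Capping the retry at one attempt, and never retrying a rejected login, keeps a client with wrong credentials from hammering the login endpoint and tripping account lockout.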