This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.
Summary: | Cannot authenticate when CSRF enabled | ||
---|---|---|---|
Product: | connecteddeveloper | Reporter: | Tomas Mysik <tmysik> |
Component: | Hudson | Assignee: | Jesse Glick <jglick> |
Status: | VERIFIED FIXED | ||
Severity: | normal | CC: | javydreamercsw, rkubacki |
Priority: | P3 | ||
Version: | 7.0 | ||
Hardware: | PC | ||
OS: | Linux | ||
Issue Type: | DEFECT | Exception Reporter: | |
Bug Depends on: | 209427, 224586 | ||
Bug Blocks: | |||
Attachments: | IDE log |
*** Bug 193009 has been marked as a duplicate of this bug. *** I guess https://hudson.orchitech.cz/api/xml?tree=useCrumbs says true. Seems to be reproducible only when "Prevent Cross Site Request Forgery exploits" is checked. BTW your HTTPS cert is invalid. (In reply to comment #2) > I guess https://hudson.orchitech.cz/api/xml?tree=useCrumbs says true. Yes, you are right. I think I have a fix, please test. core-main #1a8c09b7089e (In reply to comment #4) > I think I have a fix, please test. core-main #1a8c09b7089e Super, thanks a lot Jesse! I will test it after the change is propagated to the web-main repository. Verified the original scenario, it means that Hudson job can be successfully started. However, please have a look at issue #193009. Thanks a lot. Product Version: NetBeans IDE Dev (Build 101208-6428741fbbfb) Java: 1.6.0_22; Java HotSpot(TM) 64-Bit Server VM 17.1-b03 System: Linux version 2.6.35-23-generic running on amd64; UTF-8; cs_CZ (nb) Integrated into 'main-golden', will be available in build *201012090001* on http://bits.netbeans.org/dev/nightly/ (upload may still be in progress) Changeset: http://hg.netbeans.org/main/rev/1a8c09b7089e User: Jesse Glick <jglick@netbeans.org> Log: #193008: Cannot authenticate when CSRF enabled *** Bug 185144 has been marked as a duplicate of this bug. *** |
Created attachment 103695 [details] IDE log Hudson v1.386 (behind HTTP proxy). If I start Hudson job from NB, nothing happens. In the server log, I can see this message: 7.12.2010 18:23:00 hudson.security.csrf.CrumbFilter doFilter WARNING: No valid crumb was included in request for /job/IAS-CCDB2/build. Returning 403. Attaching IDE log (logging with FINE level). Product Version: NetBeans IDE Dev (Build 101207-82ef52c60670) Java: 1.6.0_22; Java HotSpot(TM) 64-Bit Server VM 17.1-b03 System: Linux version 2.6.35-23-generic running on amd64; UTF-8; cs_CZ (nb)