How to install Jenkins on WebSphere 8.5 - jenkins

I'm trying to install jenkins(1.627) as it is described on the wiki, although I got this error.
Failed to load webapp: SRVE8111E: The application, jenkins_war, is trying to modify a cookie which matches a pattern in the restricted programmatic session cookies list [domain=*, name=JSESSIONID, path=/]
Any ideas how to fix?

Somehow Jenkins app is trying to modify JSESSIONID cookie settings. Try to remove in the Security > Global Security > Programmatic session cookie configuration the matching row ([domain=*, name=JSESSIONID, path=/]). I didn't test that, so might not work.

In fact i just change the cookie name:
Websphere Application Servers -> session management -> enable cookies
-> Cookie Name
Changed it to another name(I set to JSESSIONID_jenkins), and it worked.

Related

Process 'appcmd.exe' exited with code '87'-The parameter is incorrect

I used the Azure DevOps IIS web app manage task. I am getting the error shown below.
2023-02-09T10:06:55.1071184Z ##[command]"C:\Windows\system32\inetsrv\appcmd.exe" list apppool /name:"apppoolname"
2023-02-09T10:06:55.2783889Z ##[command]"C:\Windows\system32\inetsrv\appcmd.exe" set apppool /apppool.name:"apppoolname" -managedRuntimeVersion: -managedPipelineMode:Integrated -processModel.identityType:ApplicationPoolIdentity
2023-02-09T10:06:55.4490177Z APPPOOL object "apppoolname" changed
2023-02-09T10:06:55.4645967Z ##[command]"C:\Windows\system32\inetsrv\appcmd.exe" list app "sitename/appname"
2023-02-09T10:06:55.6171480Z ##[command]"C:\Windows\system32\inetsrv\appcmd.exe" set app /app.name:"sitename/appname" -applicationPool:"apppoolname" -[path='/'].physicalPath:"C:\Web\App\PW\appname" -[path='/'].userName: -[path='/'].password:
2023-02-09T10:06:55.7323894Z APP object "sitename/appname" changed
2023-02-09T10:06:55.7325343Z ERROR ( hresult:80070057, message:Failed to commit configuration changes.
2023-02-09T10:06:55.7325882Z
2023-02-09T10:06:55.7326499Z The parameter is incorrect.
2023-02-09T10:06:55.7326903Z
2023-02-09T10:06:55.7327478Z )
2023-02-09T10:06:55.9123942Z ##[error]Process 'appcmd.exe' exited with code '87'.
2023-02-09T10:06:55.9427590Z ##[section]Finishing: Manage IISWebApplication
I ran the CLI command directly in the VM and got the same error. When I removed the password parameter in the set app command it worked.
I don't know how to exclude password parameter in the IIS web app manage task.
Is there any way to overcome this problem?
Need to exclude password parameter in the IIS web app manage task or any alternative way to overcome this problem

authentication failures with external users

I am trying to have SCM Manager accept users from my organization so they can log in using their Windows username and password. I have installed the LDAP plugin, but it still doesn't recognize my own windows username and password from my organization
I don't really understand - I think I shouldn't even need LDAP and some kind of basic authentication should be able to figure out my username password on windows active directory etc type of thing...
Do I need the SSL to do this? It says various things about a binding problem.
I am using the custom LDAP profile. I put wsproxy in the proxy server area and enabled. I have no idea what that means but it was the same configuration that I saw in a previous installation of SCM-server that worked with organizational credentials on windows server.
This problem occurred after upgrading from version 1.6 to 2.9.
Though I was not the person who set it up on v1.6.
UPDATE: what's needed is not LDAP plugin, but rather understanding how to configure active directory for SCM - previously, in 1.X versions active directory plugin worked under the hood - now it needs to be configured and I have no idea how -- also the active directory plugin for 1.X is no longer available - if you could provide me with that code I might be able to see how it connects to AD and then go from there on version 2.X - any chance you can get me access to the code of https://bitbucket.org/sdorra/scm-manager/wiki/active-directory-plugin??
We have an issue for the LDAP plugin saying that the migration of the ldap password may fail (though I cannot reproduce this), so maybe this happened with your migration, too. Proxy settings should not play any part in this game, because as far as I know company ldaps aren't behind a proxy.
The configuration for 2.x should be the same as for 1.60. We haven't changed anything here. So first I would try to reenter the "Connection Password". If this still fails, please use the "Test connection" feature. Enter a valid authentication here. This tells you, on what level the connection fails and may show you an exception with further information.
Feel free to post your results here for further investigation.

Grails spring-security-oauth-google : how to set up

I have installed the below plugins
compile 'org.grails.plugins:spring-security-core:3.1.1'
compile "org.grails.plugins:spring-security-oauth2:1.1.0"
compile "org.grails.plugins:spring-security-oauth2-google:1.1.0"
Spring security core is working properly.
But I am having issues in implementing the oauth-google authentication.
The plugin documentation says we need to pass the api_key and api_secret. I have created a project in console.developers.google.com and have created the API Key and Oauth Keys, I am confused on which values to use in the application.yml.
Because as per console.developers.google.com the API key and Oauth Key are separate credentials.
Any suggestion on from where to get and how to set the below values would be helpful.
api_key: 'AIzaSyBjfn345tg6j0ol1e89kHMOY'
api_secret: 'xseettDDNtjjuutrfuAFTe4d'
successUri: "/oauth2/google/success"
failureUri: "/oauth2/google/failure"
callback: "/oauth2/google/callback"
scopes: "some_scope"
api_key and api_secret
I took those keys from console.cloud.google.com/
API Manager > Credentials > Create / Edit the entry
then Client ID and Client Secret are the needed values. Other parameters are paths within the Grails app itself, I believe you can change those if you want to override the default behaviour of the plugin.
But there's more ...
Remember about whitelisting your callback address (done on the very same panel). For local connection I set it (on Google API Manager) as
http://localhost:8080/oauth2/google/callback
Remember that apart of calling grails s2-quickstart com.yourapp User Role you need to call also grails init-oauth2 ... (described here - https://github.com/MatrixCrawler/grails-spring-security-oauth2).
Next thing I had to was to override the default login page to be able to display the link mentioned here https://github.com/MatrixCrawler/grails-spring-security-oauth2-google <oauth2:connect provider="google" id="google-connect-link">Google</oauth2:connect>. The default ones are here https://github.com/grails-plugins/grails-spring-security-core/tree/master/grails-app/views/login you just have to copy them to grails-app/views/login/ and modify them.
Next problem was that script from point 2 didn't add static hasMany = [oAuthIDs: OAuthID] field to User domain, which caused the ask view submit to crash.
After that, the Google Oauth2 authentication worked for me.

DirContextOperations is null

So I have an application that works perfectly on my desktop, and also works perfectly when deployed to tomcat on a windows machine. However, when I attempt to use this application while deployed on the same version of tomcat, but on AIX, it fails to retrieve data out of LDAP.
A user is able to successfully authenticate, but the context is null. DirContextOperations is passed into my ContextMapper as null. Does anyone know what ports that need to be open to get this data or what other configuration may need to be done? Based on what I am seeing it has to be a server configuration issue somewhere.
If you are using Spring Security LDAP plugin then it will be easy to co-relate the below mentioned configuration in AIX with the app. I prepared few snapshots for the configuration so that I do not clutter the answer space here. Have a look at LDAP config in AIX and try to setup the same in AIX Server.
Now coming to the LDAP plugin, there is nothing much other than setting up a bunch of properties is required. Values for these properties will be available once the LDAP configuration is done in AIX (as mentioned in the above mentioned slide).
Note:-
After creating a standalone LDAP, you might need to add realm if the user is associated to a group. I have not mentioned the same in the slides since I do not have an active LDAP host available now.
UPDATE
Instead of using BindAuthenticator can you try switching to PasswordComparisonAuthenticator for authentication.
Using the below setting in Config forces to use PasswordComparisonAuthenticator to authenticate and return back the DirContextOperations. Can this setting be tried?
grails.plugins.springsecurity.ldap.authenticator.useBind = false
#Refer LdapAuthentication Implementations.
I am not sure if this will be the answer in your case. I was also getting null in DirContextOperations object when trying to obtain values from Active Directory.
I was trying to get ldap attributes like this as the Grails LDAP plugin Documentation states:
String mail = ctx.originalAttrs.attrs['mail'].values[0]
and all those were null. So I have changed the line above for this one instead and it works for me:
String mail = ctx.attributes.getAt('mail').values[0].toString()

URL pattern to include in JMeter for testing ASP.NET MVC website

I am trying to perform a load test with JMeter on my ASP.NET MVC website that I have published on IIS..
My problem is..I'm confused about what URL pattern should I include or exclude..Currently, URL is immaterial for me, so I tried with '.* ' in URL to include and nothing in URL to exclude.. But JMeter is recording only a jpg url...If I specify '.*\.jpg ' in exclude, it records nothing. I also tried '.*\.aspx ' in include and nothing in exclude, but that doesn't seem to be working either :(
Is this something MVC specific? I am not very sure how it handles urls..(I am doing all this for the first time..). I otherwise didn't have any issues recording steps on other servers like google,apache.jmeter.test etc. where there were normal html pages with my current JMeter settings:
A Thread Group called 'Users' having a
Recording Controller
HTTP request defaults pointing to localhost:9080
A Workbench with
HTTP Proxy Server pointing to localhost:9080
My connection setting is also on localhost:9080.
I'm running JMeter from behind my company's proxy server successfully.
Thanks for any help :)
Realized later that it was not about URLs as such. My browser setting was probably faulty. I was using IE8..When I switched to Firefox, got more fine-grained control on the settings..These settings before recording worked for me:
Set manual proxy configuration to localhost,8081.
Check 'Use this proxy for all protocols'
Leave 'No proxy for' field blank
No 'Automatic proxy configuration'
Click OK.
After this if you try to access your site on IIS while JMeter proxy server hasn't started yet, it wouldn't, saying the connection was refused.
After this, go to JMeter and click the Start button to record. Try acessing the site again. It should come up :) Some more details:
There was no need to specify port number in HTTP request defaults. Just specified it in HTTP proxy server (8081 in my case).
For the session information to be saved properly, you must use a cookie manager (preferably, keep it at the top)..When you record, you get a HTTP header manager under each HTTP request if you had ticked the chekcbox against "Capture HTTP headers" in HTTP Proxy Server before recording..Copy this and add it as a child under your thread group.
Hope this helps someone struggling like me :)

Resources