Reputation: 432
Jenkins HTTP ERROR 403 No valid crumb was included in the request
I have updated Jenkins version with k8s pod, I download jenkins war and exec to pod then I replace war file. The last I restart pod (kubectl delete pod ....). In this process, I have disabled Jenkins login by change tab useSecurity in config.xml file to false.
I access Jenkins GUI => Manage Jenkins > Configure Global Security and Enabled login Logged-in users can do anything and then I re-login. I got this error.
[The error:]
[1]: https://i.sstatic.net/zFqPu.png
Old Jenkins version : 2.121.3
New Jenkins version : 2.235
Any suggestions?
Upvotes: 1
Views: 3761
Answers (1)
Reputation: 1979
The Crumb is Jenkins way of CSRF protection. As of version 2.222 this protection has been enabled by default. The proper way of working with the CSRF crumbs is documented in CSRF protection explained.
But since you are running without any security at all, you probably want to just disable CSRF protection at all:
Set the system property
hudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTIONto true on startup to disable CSRF protection as well as the configuration UI for it. This is an unsupported option and may be removed in the future.
Upvotes: 4
Related Questions
- Jenkins: 403 No valid crumb was included in the request
- Jenkins API Crumb 403
- Jenkins update 2.289 login error : HTTP ERROR 403 No valid crumb was included in the request
- Jenkins 403 Error: No valid crumb was included in the request
- Jenkins 2.192: HTTP Error 403: No valid crumb was included in the request
- Jenkins 403 No valid crumb was included in the request
- Jenkins : Error 403 No valid crumb was included in the request : From TFS
- Jenkins Docker container - 403 no valid crumb was included in the request
- No valid crumb was included in the request - Jenkins 403
- Jenkins on AWS: No valid crumb was included in the request