I cannot seem to find a good explanation on how to get Jenkins running on a Tomcat server using basic HTTP authentication.
Some basic information:
OS: Windows 7 64 bit
Tomcat version: 7.0.40
Jenkins version: 1.516
Reverse-Proxy Auth Plugin version: 1.0.1
Java SDK version: 1.7.0_17
Java JRE version: 7
Tested with Chrome and IE
I currently have Jenkins up and running successfully on my Tomcat server with the Reverse-Proxy Auth Plugin (https://wiki.jenkins-ci.org/display/JENKINS/Reverse+Proxy+Auth+Plugin) enabled, a user and role added in tomcat-users.xml
, and a few lines added to me web.xml
. Both of which are displayed below. (Both files are located at C:/Program Files/Apache Software Foundation/Tomcat 7.0/conf/
)
tomcat-users.xml (Everything is default except adding of one role and one user)
<role rolename="Administrator"/>
<user username="John" password="password" roles="Administrator"/>
web.xml (everything default except the addition of this section)
<security-constraint>
<web-resource-collection>
<web-resource-name>
Jenkins
</web-resource-name>
<url-pattern>/jenkins/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Administrator</role-name>
</auth-constraint>
</security-constraint>
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
I am not sure why but whenever I go to http://localhost:8080
or http://localhost:8080/jenkins
there is no login prompt, but if I change the <url-pattern>/jenkins/*</url-pattern>
to <url-pattern>/*</url-pattern>
I get a login prompt simply by going to http://localhost:8080
, which is fine. After I log in if I go to /jenkins then I get forwareded to the login page, which is all "messed up" [none of the resources show up and the page looks broken].
This is what it looks like:
Here is a link that I found that is close to the same issue I am having. https://groups.google.com/forum/?fromgroups#!topic/jenkinsci-users/AVTklGHmzkc
Any help would be appreciated!
EDIT 1
Added the versions of Java in case that is needed/relevant
EDIT 2
Added a picture of what Jenkins looks like when it is "broke"
UPDATE 1
Still getting the same issues, have tried different combinations of things in the web.xml file but still getting the same issue.
UPDATE 2
No Fix found yet, but I have been doing my best to get around it. I will set the url-pattern to /*
, log into Tomcat, stop the server, change it back to /jenkins/*
(which I believe does nothing) and start the server again then go to the Jenkins page to get the authenticated HTTP headers. Still wanting a solution to my problem but have yet to find one...
Here are the problems I was able to spot:
There should be a
<security-role>
<role-name>Administrator</role-name>
</security-role>
element after the <login-config>
element
C:/Program Files/Apache Software Foundation/Tomcat 7.0/conf/web.xml
is the configuration for Tomcat's "default" servlet, which is used to serve static assets. Adding a security constraint to this servlet causes all the static assets to become inaccessible, which is causing filling your login screen with dead links.
Instead, add the security constraint to C:/Program Files/Apache Software Foundation/Tomcat 7.0/webapps/jenkins/WEB-INF/web.xml
This should just work, but additional changes to C:/Program Files/Apache Software Foundation/Tomcat 7.0/conf/server.xml
may be needed to configure the realm. See the Tomcat doc related to this.