启用LDAP后,如何从Github正确认证到Jenkins webhooks?
[英]How to properly authenticate into Jenkins webhooks from Github when LDAP is enabled?
问题描述
We have done a fair amount of work and have come pretty close to getting Jenkins to automatically kick off a build when a push is made into Github. 
我们已经做了很多工作,并且已经接近让詹金斯(Jenkins)在推入Github时自动开始构建。 However, Github is logging an error from Jenkins when attempting to post to the Github plugin webhook as follows: 但是,当尝试发布到Github插件webhook时,Github记录了来自Jenkins的错误,如下所示:
Error 401 Either no such user 'CN=Github Account,OU=Jenkins,OU=Applications,DC=mydomain,DC=com' or incorrect password; 错误401没有这样的用户'CN = Github帐户,OU = Jenkins,OU =应用程序,DC = mydomain,DC = com'或密码错误; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece?] 嵌套的异常是javax.naming.AuthenticationException:[LDAP:错误代码49-80090308:LdapErr:DSID-0C090334,注释:AcceptSecurityContext错误,数据52e,vece?]
We have LDAP enabled in our environment to allow for active directory logins. 我们在环境中启用了LDAP,以允许活动目录登录。 An account called "github" has been created on our domain and authorized as a Jenkins user. 已经在我们的域上创建了一个名为“ github”的帐户,并被授权为Jenkins用户。 We are able to manually login to Jenkins by punching in the username and password for this account and it works as expected. 我们可以通过输入此帐户的用户名和密码来手动登录Jenkins,它可以按预期运行。 The "github" account has been authorized on the project for READ and BUILD directives on the job. “ github”帐户已在项目中获得工作上的READ和BUILD指令的授权。
On Github, the push webhook has the url defined as follows: 在Github上,推送Webhook的URL定义如下:
http://github:password@jenkins.mydomain.com:8080/github-webhook/ HTTP:// github上:password@jenkins.mydomain.com:8080 / github上,网络挂接/
We can confirm that the push event effectively triggers the post to the URL, but the response is a 401 with error details as described above. 我们可以确认push事件有效地触发了到URL的发布,但是响应是带有错误详细信息的401,如上所述。 We know the account is valid and the password is correct, but we are stuck because we cannot understand why Jenkins suggests that it is invalid. 我们知道该帐户有效且密码正确,但是由于我们无法理解詹金斯为何认为该帐户无效,所以我们被卡住了。
We have used the following link, among many others as a guide: 我们已经使用以下链接作为指导:
http://fourkitchens.com/blog/2011/09/20/trigger-jenkins-builds-pushing-github http://fourkitchens.com/blog/2011/09/20/trigger-jenkins-builds-pushing-github
As far as we can tell, the only difference between our configuration and those of others who have posted about their success on blogs and here on Stackoverflow is our use of LDAP authentication. 据我们所知,我们的配置与在博客上以及在Stackoverflow上发布过有关其成功的其他配置之间的唯一区别是我们对LDAP身份验证的使用。
Does anyone have any guidance to help us overcome this hurdle? 有没有人指导我们克服这一障碍? Currently, we can successfully run a build manually, so our communication TO Github FROM Jenkins is tip top. 当前,我们可以成功地手动运行构建,因此,与詹金斯(Jenkins)的Github交流是最重要的。 But Github back to Jenkins is a frustrating no-go. 但是Github回到Jenkins实在令人沮丧。
1 个解决方案
解决方案1
1 已采纳 2014-04-11 15:37:10
This is now working. 现在正在工作。 Here is what went wrong. 这是哪里出了问题。 When configuring the following string, pay careful attention to both the username and password: 配置以下字符串时,请同时注意用户名和密码:
http://github:password@jenkins.mydomain.com:8080/github-webhook/ HTTP:// github上:password@jenkins.mydomain.com:8080 / github上,网络挂接/
In our case, the password contained special characters that Jenkins was tripping over. 在我们的案例中,密码包含詹金斯(Jenkins)被绊倒的特殊字符。 Usernames and passwords with special characters must be URL encoded or the authentication will fail. 带有特殊字符的用户名和密码必须经过URL编码,否则身份验证将失败。 For example, the following password 例如,以下密码
!test+pw !测试+ PW
must be URL encoded as follows: 必须将URL编码如下:
%21test%2Bpw %21test%2Bpw
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.