No Valid Crumb Error After Plug-in Installation

Hello guys,

I am facing an error after I installed the Git plugins. Currently I am using Jenkins 2.289.3. After I installed the Git plugins along with their dependencies, I restarted my Jenkins. After a while it gave an error, which I don’t have any record of, about ‘the plugins load before jenkins could start’; I can’t remember the exact wording.

I did a quick search on Google and they suggested downgrading to version 2.263.1 and disabling security, which I did exactly. Then I changed the version back to 2.289.3. Now I can access Jenkins again, but when I want to change the Configure Global Security and select ‘Jenkins’ own user database’ it gives me this error:

This error is not limited to this config; when I try to ‘Save’ or ‘Apply’ any config it goes to the 403 error page.

I tried to enable the CSRF Protection config, but when I ‘Apply’ or ‘Save’ it also goes to the 403 error page.

Can anyone advise what I should do to fix this error?

Thank you.

This is the error page:

If you are using a reverse proxy (nginx, apache, HAproxy, tomcat, etc.), then you might consider:

In any case, you should upgrade to a newer Jenkins version. The Jenkins project provides security updates for the most recent LTS release and the most recent weekly release. Older releases do not receive security updates.

Hi @MarkEWaite ,
I am also facing the same issue and, as you told, we have followed all the instructions in the release notes before upgrading to the latest version; as per the release notes we updated all the plugins and everything.
Note: I’m not using any reverse proxy.
I also enabled the CSRF Protection config, but when I ‘Apply’ or ‘Save’ it also goes to the 403 error page.
Please let me know anything I need to check to resolve this issue.

Read that article. Follow the instructions in the article. I don’t have more suggestions to offer than that. I have used Jenkins behind an nginx proxy with good results, but it did require that I follow the detailed instructions for reverse proxy configuration.

I assume that in your case, your decision to run behind tomcat may require additional configuration similar to the reverse proxy configuration instructions. I don’t run Jenkins behind tomcat, so don’t have any additional guidance to offer.

OK. We are not using a reverse proxy; we are using Tomcat as the web server to deploy the Jenkins war file.

99.9999% of all the crumb issues are either plugins crashing (which will show up in your Jenkins logs), or whatever reverse proxy (nginx, apache, haproxy, etc)/load balancer (AWS, DO, Azure, etc) isn’t sending the X-Forwarded-For and X-Forwarded-Proto headers properly, or a badly configured URL in your config.

Without more details, all we can say is that it’s one of those 3, and you should review your setup.
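
A simplified model of the header cause described in the post above, as an added example that is not part of the original thread and not Jenkins' own code: it assumes the crumb is bound to the user, the session and the client address the server sees (first X-Forwarded-For entry, else the TCP peer). The salt, addresses and helper names are constructed for illustration.

```python
import hashlib
import hmac

SALT = b"constructed-salt"  # constructed; stands in for a per-instance secret

def seen_address(headers, peer_addr):
    """Client address as the server sees it: first X-Forwarded-For hop, else the TCP peer."""
    first_hop = headers.get("X-Forwarded-For", "").split(",")[0].strip()
    return first_hop or peer_addr

def issue_crumb(req):
    """Assumed model: crumb = SHA-256(user ; seen address ; session id + salt)."""
    material = ";".join([req["user"], seen_address(req["headers"], req["peer"]), req["session"]])
    return hashlib.sha256(material.encode() + SALT).hexdigest()

def crumb_accepted(crumb, req):
    """True when the crumb submitted with req matches the one derived from req itself."""
    return hmac.compare_digest(crumb, issue_crumb(req))

def diagnose(form_req, save_req):
    """List what changed between loading the form and saving it that invalidates the crumb."""
    reasons = []
    if form_req["session"] != save_req["session"]:
        reasons.append("session changed")
    a, b = (seen_address(r["headers"], r["peer"]) for r in (form_req, save_req))
    if a != b:
        reasons.append(f"client address changed: {a} -> {b}")
    return reasons

def request(peer, xff=None, session="sess-1", user="admin"):
    """Build a constructed request record; xff=None means the proxy sent no header."""
    headers = {"X-Forwarded-For": xff} if xff else {}
    return {"user": user, "session": session, "peer": peer, "headers": headers}

# Constructed scenario: two load-balancer nodes (10.0.0.11, 10.0.0.12) in front of one browser.
NO_HEADER = (request("10.0.0.11"), request("10.0.0.12"))
WITH_HEADER = (request("10.0.0.11", "203.0.113.7"), request("10.0.0.12", "203.0.113.7"))
NEW_SESSION = (request("10.0.0.11", "203.0.113.7"), request("10.0.0.11", "203.0.113.7", session="sess-2"))

if __name__ == "__main__":
    for name, (form, save) in [("no header", NO_HEADER), ("header set", WITH_HEADER), ("session lost", NEW_SESSION)]:
        ok = crumb_accepted(issue_crumb(form), save)
        print(f"{name:12} -> {'200' if ok else '403 No valid crumb'} {diagnose(form, save)}")
```
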

Thanks, for my case I think this is the cause. My Jenkins is hosted on a Kubernetes instance, so the NodePort seems to fix my issue.

Thanks

Yup, seems like a headers issue; I have updated the NodePort and it seems to be working now.

Thanks

Hi @Insan,
In my case I hosted the Jenkins war file on Tomcat. Do you have any idea for my case, because I’m getting the same error?
You are saying it is a headers issue? So where do I need to check and what do I need to change, please?

I host my Jenkins on a k8s cluster, so the config might be different. You can check with the link provided by MarkEWaite above.

Enable CSRF Protection: Ensure that CSRF protection is enabled in the Jenkins security settings. To do this:

a. Go to Jenkins Dashboard.

b. Click on “Manage Jenkins” on the left-hand side.

c. Click on “Configure Global Security” to open the Global Security page.

d. Check the box for “Enable CSRF Protection” if it’s not already checked.

e. Re-login and check now

For people with this problem trying to set up Jenkins on a Windows machine:
If you are using a Wi-Fi connection, try changing to Ethernet; this solved the issue for me.