Skip to content

hudson.security.csrf.CrumbFilter.doFilter No valid crumb was included in request for /jenkins/manage/configSubmit by admin. Returning 403. #368

New issue
New issue
Open
Bug
Open
hudson.security.csrf.CrumbFilter.doFilter No valid crumb was included in request for /jenkins/manage/configSubmit by admin. Returning 403.#368
Bug
@tanglinyan

Description

@tanglinyan
tanglinyan
opened on Jan 13, 2025

Jenkins and plugins versions report

Environment 
Jenkins: 2.479.3
OS: Linux - 5.14.0-362.8.1.el9_3.x86_64
Java: 17.0.10 - Oracle Corporation (Java HotSpot(TM) 64-Bit Server VM)
---
ant:511.v0a_a_1a_334f41b_
antisamy-markup-formatter:162.v0e6ec0fcfcf6
apache-httpcomponents-client-4-api:4.5.14-208.v438351942757
asm-api:9.7.1-97.v4cc844130d97
bootstrap5-api:5.3.3-1
bouncycastle-api:2.30.1.79-254.vfdb_814e7791e
branch-api:2.1206.vd9f35001c95c
build-timeout:1.33
caffeine-api:3.1.8-133.v17b_1ff2e0599
checks-api:2.2.1
cloudbees-folder:6.976.v4dc79fb_c458d
command-launcher:116.vd85919c54a_d6
commons-lang3-api:3.17.0-84.vb_b_938040b_078
commons-text-api:1.12.0-129.v99a_50df237f7
config-file-provider:980.v88956a_a_5d6a_d
copyartifact:761.vea_2b_25523e84
credentials:1405.vb_cda_74a_f8974
credentials-binding:687.v619cb_15e923f
dark-theme:514.va_3ea_73d65dc1
dependency-check-jenkins-plugin:5.6.0
dingding-notifications:2.7.3
display-url-api:2.209.v582ed814ff2f
durable-task:581.v299a_5609d767
echarts-api:5.5.1-5
eddsa-api:0.3.0-4.v84c6f0f4969e
email-ext:1866.v14fa_6d201654
envinject:2.919.v009a_a_1067cd0
envinject-api:1.199.v3ce31253ed13
font-awesome-api:6.6.0-2
generic-webhook-trigger:2.2.5
git:5.7.0
git-client:6.1.0
git-parameter:0.10.0
github:1.40.0
github-api:1.321-478.vc9ce627ce001
github-branch-source:1807.v50351eb_7dd13
gitlab-plugin:1.9.6
gradle:2.14
gson-api:2.11.0-85.v1f4e87273c33
instance-identity:201.vd2a_b_5a_468a_a_6
ionicons-api:74.v93d5eb_813d5f
jackson2-api:2.17.0-379.v02de8ec9f64c
jakarta-activation-api:2.1.3-1
jakarta-mail-api:2.1.3-1
javadoc:280.v050b_5c849f69
javax-activation-api:1.2.0-7
javax-mail-api:1.6.2-10
jaxb:2.3.9-1
jdk-tool:80.v8a_dee33ed6f0
jersey2-api:2.44-151.v6df377fff741
jjwt-api:0.11.5-112.ve82dfb_224b_a_d
joda-time-api:2.13.0-93.v9934da_29b_a_e9
jquery3-api:3.7.1-2
jsch:0.2.16-86.v42e010d9484b_
json-api:20241224-119.va_dca_a_b_ea_7da_5
json-path-api:2.9.0-118.v7f23ed82a_8b_8
junit:1312.v1a_235a_b_94a_31
ldap:770.vb_455e934581a_
localization-support:1.2
localization-zh-cn:371.v23851f835d6b_
mailer:489.vd4b_25144138f
mapdb-api:1.0.9-40.v58107308b_7a_7
matrix-auth:3.2.3
matrix-project:840.v812f627cb_578
maven-plugin:3.24
mina-sshd-api-common:2.14.0-138.v6341ee58e1df
mina-sshd-api-core:2.14.0-138.v6341ee58e1df
nodejs:1.6.2
okhttp-api:4.11.0-183.va_87fc7a_89810
pam-auth:1.11
pipeline-build-step:540.vb_e8849e1a_b_d8
pipeline-github-lib:61.v629f2cc41d83
pipeline-graph-analysis:216.vfd8b_ece330ca_
pipeline-groovy-lib:745.vdf6077913de0
pipeline-input-step:508.v584c0e9a_2177
pipeline-milestone-step:119.vdfdc43fc3b_9a_
pipeline-model-api:2.2218.v56d0cda_37c72
pipeline-model-definition:2.2218.v56d0cda_37c72
pipeline-model-extensions:2.2218.v56d0cda_37c72
pipeline-rest-api:2.34
pipeline-stage-step:312.v8cd10304c27a_
pipeline-stage-tags-metadata:2.2218.v56d0cda_37c72
pipeline-stage-view:2.34
plain-credentials:183.va_de8f1dd5a_2b_
plugin-util-api:5.1.0
publish-over:0.22
publish-over-ssh:383.v4eb_4c44da_2dd
resource-disposer:0.25
role-strategy:743.v142ea_b_d5f1d3
scm-api:698.v8e3b_c788f0a_6
script-security:1369.v9b_98a_4e95b_2d
snakeyaml-api:2.3-123.v13484c65210a_
ssh-credentials:349.vb_8b_6b_9709f5b_
ssh-slaves:3.1021.va_cc11b_de26a_e
sshd:3.330.vc866a_8389b_58
strict-crumb-issuer:2.1.1
structs:338.v848422169819
subversion:1281.vc8837f91a_07a_
theme-manager:262.vc57ee4a_eda_5d
thinBackup:2.1.1
timestamper:1.28
token-macro:400.v35420b_922dcb_
trilead-api:2.147.vb_73cc728a_32e
variant:60.v7290fc0eb_b_cd
workflow-aggregator:600.vb_57cdd26fdd7
workflow-api:1336.vee415d95c521
workflow-basic-steps:1058.vcb_fc1e3a_21a_9
workflow-cps:4007.vd705fc76a_34e
workflow-durable-task-step:1398.vf6c9e89e5988
workflow-job:1476.v90f02a_225559
workflow-multibranch:795.ve0cb_1f45ca_9a_
workflow-scm-step:427.v4ca_6512e7df1
workflow-step-api:678.v3ee58b_469476
workflow-support:936.v9fa_77211ca_e1
ws-cleanup:0.48  ```

</details>


### What Operating System are you using (both controller, and any agents involved in the problem)?

OS: Linux - 5.14.0-362.8.1.el9_3.x86_64

### Reproduction steps

Use /manage/configure to add a 403 to ssh server when saved.
Important logs: "WARNING [Handling for POST/Jenkins/manage/configSubmit from 192.168.10.21: http-nio-8080-exec-10] hudson.security.csrf.CrumbFilter.doFilter No valid crumb was included in request for /jenkins/manage/configSubmit by admin. Returning 403.


### Expected Results

...

### Actual Results

...

### Anything else?

_No response_

### Are you interested in contributing a fix?

I tried to solve it, but failed

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions