2014년 1월 3일 금요일

jetty9 에 jenkins 설치 시 오류 해결(HTTP ERROR: 503 Problem accessing /jenkins. Reason: Service Unavailable)


http://localhost:8080/jenkins 에 접근하면 아래와 같은 오류가 발생할 것입니다.

- HTTP ERROR: 503 Problem accessing /jenkins. Reason: Service Unavailable
java.lang.IllegalStateException: No LoginService for org.eclipse.jetty.security.authentication.FormAuthenticator in org.eclipse.jetty.security.ConstraintSecurityHandler
     
at org.eclipse.jetty.security.authentication.LoginAuthenticator.setConfiguration(LoginAuthenticator.java:44)
인증과 관련해서 발생하는 문제인데,
  1. jenkins.xml 파일을 추가하고
  2. realm.properties 를 추가하면 됩니다.


하단 예제를 보시기 전에 테스트 환경을 간략하게 알려드립니다.
  • JETTY_HOME = /srv/jetty
  • JETTY_PORT = 8081
  • JETTY_USER = jetty

권한 설정을 위해서 jenkins.xml 파일을 webapps에 생성합니다.
* jetty 9 부터는 contexts 폴더가 사라지고 관련 설정을 webapps 폴더에서 합니다.
# vi /srv/jetty/webapps/jenkins.xml
<?xml version="1.0"  encoding="ISO-8859-1"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">

<!-- ==================================================================
Configure and deploy the jenkins web application in $(jetty.home)/webapps/jenkins

Note. If this file did not exist or used a context path other that /jenkins
then the default configuration of jetty.xml would discover the jenkins
webapplication with a WebAppDeployer.  By specifying a context in this
directory, additional configuration may be specified and hot deployments 
detected.
===================================================================== -->

<Configure class="org.eclipse.jetty.webapp.WebAppContext">


  <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
  <!-- Required minimal context configuration :                        -->
  <!--  + contextPath                                                  -->
  <!--  + war OR resourceBase                                          -->
  <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
  <Set name="contextPath">/jenkins</Set>
  <Set name="war"><SystemProperty name="jetty.home" default="."/>/webapps/jenkins.war</Set>

  <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
  <!-- Optional context configuration                                  -->
  <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
  <Set name="extractWAR">true</Set>
  <Set name="copyWebDir">false</Set>
  <Set name="defaultsDescriptor"><SystemProperty name="jetty.home" default="."/>/etc/webdefault.xml</Set>
  <!--<Set name="overrideDescriptor"><SystemProperty name="jetty.home" default="."/>/webapps/jenkins.d/override-web.xml</Set>-->

  <Get name="securityHandler">
    <Set name="loginService">
      <New class="org.eclipse.jetty.security.HashLoginService">
        <Set name="name">Jenkins Realm</Set>
        <Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set>
            <!-- To enable reload of realm when properties change, uncomment the following lines -->
            <!-- changing refreshInterval (in seconds) as desired                                -->
            <!-- 
           <Set name="refreshInterval">5</Set>
           <Call name="start"></Call>
           -->
      </New>
    </Set>
    <Set name="authenticator">
      <New class="org.eclipse.jetty.security.authentication.FormAuthenticator">
        <Set name="alwaysSaveUri">true</Set>
      </New>
    </Set>
    <Set name="checkWelcomeFiles">true</Set>
  </Get>

  <!-- Add context specific logger
 <Set name="handler">
   <New id="RequestLog" class="org.eclipse.jetty.server.handler.RequestLogHandler">
     <Set name="requestLog">
    <New id="RequestLogImpl" class="org.eclipse.jetty.server.NCSARequestLog">
      <Set name="filename"><Property name="jetty.logs" default="./logs"/>/jenkins-yyyy_mm_dd.request.log</Set>
      <Set name="filenameDateFormat">yyyy_MM_dd</Set>
      <Set name="append">true</Set>
      <Set name="LogTimeZone">GMT</Set>
    </New>
     </Set>
   </New>
 </Set>
 -->

</Configure>

만약 $JETTY_HOME/etc/realm.properties 파일이 존재하지 않으면 생성시켜줍니다.
  1. demo 에서 복사
# cp /srv/jetty/demo-base/etc/realm.properties /srv/jetty/etc
  2. 직접생성
# vi /srv/jetty/etc/realm.properties
#
# This file defines users passwords and roles for a HashUserRealm
#
# The format is
#  <username>: <password>[,<rolename> ...]
#
# Passwords may be clear text, obfuscated or checksummed.  The class
# org.eclipse.util.Password should be used to generate obfuscated
# passwords or password checksums
#
# If DIGEST Authentication is used, the password must be in a recoverable
# format, either plain text or OBF:.
#
jetty: MD5:164c88b302622e17050af52c89945d44,user
admin: CRYPT:adpexzg3FUZAk,server-administrator,content-administrator,admin,user
other: OBF:1xmk1w261u9r1w1c1xmq,user
plain: plain,user
user: password,user

# This entry is for digest auth.  The credential is a MD5 hash of username:realmname:password
digest: MD5:6e120743ad67abfbc385bc2bb754e297,user


마지막으로 다시 추가된 파일들을 위해서 권한 설정을 하고 재시작을 합니다.
# chown -R jetty:jetty /srv/jetty/webapps
chown -R jetty:jetty /srv/jetty/etc
# service jetty restart
curl http://localhost:8081/jenkins

댓글 없음:

댓글 쓰기