I have a WildFly installation which takes some time during startup due to the count and size of the deployments. So I would like to show a maintenance page until the full application is ready.
In one of the previous WildFly versions I used default-web-module as configuration option and registered a small WAR file, which was visible right away and was replaced as soon as the big application was available.
Unfortunately this is no longer possible with WildFly 22, instead an exception is thrown as soon as the real root application is deployed:
org.jboss.msc.service.DuplicateServiceException: Service jboss.undertow.deployment.default-server.default-host./.UndertowDeploymentInfoService is already registered
I know that I could put a small web server (nginx or similar) in front of WildFly to return my maintenance webpage as long as WildFly returns a 503 error. The only thing which prevents that is the fact, that the maintenance page still contains some logic which I would need to emulate on nginx.
Is there any other option which ensures that my maintenance page is delivered immediately while the other apps are still starting?
If I do understand your question correctly, what you want is to show error page of status 503 when server is down or 404 when server is replacing deployments.
But for your environment which don't have a web server in front of application server, we just need to consider 404 situation.
503 is for web server when the application server is down, therefore, 503 service unavailable.
First: Console -> Configuration tab
Head over to management console of Wildfly. And depends on what mode(domain or standalone) you are using ,there will be a little different inside configuration tab.
Second: Configuration -> Web -> Filters
If using domain mode, choose the profile you are using it.
And head over to Subsystem -> Web(Undertow) -> filters -> click 'View'.
I used profile 'full' in my local machine with domain mode, therefore, this is what my console looks like.
Path_to_Filters
Third: Choose Error page tab inside Filters
Set code and path like this, where code is what status code you hope the static page to show. And path is the file location of your static page.
setPathAndCode
You can see Wildfly doc for error-page settings.
Fourth: Configuration tab -> Web(Undertow) -> Server -> default-server(or what you used)
HeadToServer
Fifth: Choose Hosts tab inside servers
Choose 'Hosts' tab, and click add filter button.
Select the filter we just set in step three, and set predicate to true.
I'm not sure what will be effected if didn't set as true or left empty, cause it's not required fields.
Last: Restart the server in order to let your configuration works.
Now you should able to see your static page showed when you undeploy or re-deploy your application.
Sorry for not answering in too good answer format because I didn't answer any questions before.
** You can also set your standalone.xml or domain.xml like this to get the same result.
setXmlFile
I'm trying to create file system of my website in my local machine and I have configured static replication agent in author following this http://www.wemblog.com/2012/02/how-to-use-static-agent-in-cq-wem.html document.
When I click activate on a page nothing is getting created in the target folder. In logs, it is showing NOTHING TO REPLICATE for all the pages.
I tried the same agent with geometrixx site and the content is created for it.
Help me with the solution. Thanks in advance
Have you set the rules for your content branch ? Static agent configuration allows you to define the rules on the 2nd tab (Rules).
By default only sample Geometrixx websites are configured
/content/geo* ${path}.html?wcmmode=preview
/content/dam* ${path}
/content/geo* /content/geometrixx/en.topnav.html
/etc/designs/* ${path}
Make sure to add /etc/designs/* ${path}
I'm using the github oauth plugin for our logins but for all of our users in the Organisation I get an error:
Access Denied
<user> is missing the Overall/Read permission
I have tried everything I can possibly think of to try to make this work and I'm probably going to fallback to making everyone an admin user, which i would prefer not to do.
Any advise would be appreciated.
This is how I resolved the authentication problem:
Edit config.xml file, e.g.
sudo vi /var/lib/jenkins/config.xml
Change useSecurity element's value to false, e.g.
<useSecurity>false</useSecurity>
Remove authorizationStrategy block
Restart Jenkins: /etc/init.d/jenkins restart.
Access Jenkins through URL as usual and reconfigure security again.
I had the same problem with "... is missing the Overall/Read permission" on Jenkins (1.651.2) with activated Credentials Plugin.
But it was my own failure: I only configured the user on project side (by credential plugin) but missed to configure the global security.
So I fixed it by selecting:
Jenkins -> Manage Jenkins -> Configure Global Security
And did setup missing global settings (or project matrix based one)
Have you followed this step, from the plugin page?
Control user authorization (i.e. who is allowed to see the jobs and build them) using the Github Commiter Authorization Strategy
Also, make sure you actually allow authenticated users to access Jenkins
Under Jenkins global configuration, under Authorization, add user/group called authenticated
Give that group Overall Read permission
The group should show up with a "group" icon (two users), as opposed to single user icon.
reset from <useSecurity>true</useSecurity> to <useSecurity>false</useSecurity> in config.xml and set the permission again.
Edit file /var/lib/jenkins/config.xml and add the following lines :
<authorizationStrategy class="hudson.security.ProjectMatrixAuthorizationStrategy">
<permission>hudson.model.Hudson.Read:john.smith</permission>
</authorizationStrategy>
Restart Jenkins
What I did when I got this error is to edit config.xml as mentionned by other users and correctly re-add my username in LOWERCASE in "configureSecurity" Jenkins' page. I was using "KrustyHack" when adding permissions but it didn't work. I had to add "krustyhack" instead, and it worked.
I hope it helps.
I had the same problem here, but it affected only some users, not all of them. Anyway, you should check public organization membership : documentation of the plugin states that "You have to be a public member of the organization for the authorization to work correctly." (https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin).
Follow instructions from GitHub (https://help.github.com/articles/publicizing-or-hiding-organization-membership/) in order to make organization membership public, and this might fix your issue.
Also check the case user names in the authorizationStrategy element. I made my new user's name lower case and restarted the service and it the error went away.
Fix it by these 2 shell commands on the server (sudo permission is required):
sudo ex +g/useSecurity/d +g/authorizationStrategy/d -scwq /var/lib/jenkins/config.xml
sudo /etc/init.d/jenkins restart
This will remove useSecurity and authorizationStrategy lines from your config file.
See also: Disable security at Jenkins website
We hit this same error when a github organization administrator changed the organization's settings for "Third-party access" to "restrict third-party application access". Reverting to the previous settings within the github organization resolved the problem.
See github oauth-app-access-restrictions for details on how to configure that properly.
The assignment of roles to users is stored in config.xml file. Add the ID of the user directly to the role and then restart Jenkins.
In my case, I have a role named editor and a bunch of users assigned to the role.
<role name="editor" pattern=".*">
<permissions>
<...>
<permission>hudson.model.Item.Create</permission>
<permission>hudson.model.Item.Workspace</permission>
<permission>...</permission>
</permissions>
<assignedSIDs>
<sid>bob</sid>
<sid>alice</sid>
<sid>**newuser**</sid>
</assignedSIDs>
</role>
The matrix security is not terribly clear. I am a member of a specific group in our org that has admin privileges however I am also an authenticated user. I would think that the one group super-cedes the other however I have to have both in order to actually log into the system and be admin. It's screwed up IMO.
go to your-jenkins-host:port/role-strategy/assign-roles and configure roles for the user
I had the same problem before,
your OAuth application need your organization owner's approve,
then the OAuth Plugin can access the private data in it
I am using Crowd 2 plugin and I have the same problem.
I fixed it by downgrading OWASP Markup Formatter Plugin from varsion 1.2 to version 1.1 and then changing Markup Formatter in Configure Global Security value to Raw HTML, before it was Plain text.
I had exactly the same problem and adding the plugin Role Strategy Plugin fixed the problem.
All I had to do was install the plugin, create two groups - admin / developer and then add users to the groups.
A much much better solution than recreating the whole permissions matrix :)
I had a similar problem I was not able access Jenkin account and the system was locked.
I had only an error message. "Access Denied "
When I tried to reinstall Jenkins then it prompted to Repair option.
By clicking Repair option it fixed the problem.
Go to $JENKINS_HOME (linux, jenkins in windows), and find config.xml file.
Open this file in the editor. (take backup of .jenkins home)
Look for the <useSecurity>true</useSecurity> element in this file.
Replace "true" with "false"
Remove the elements authorizationStrategy and securityRealm
Start Jenkins
I found it in
C:\ProgramData\Jenkins\.jenkins
Jenkins Version: 2.319.2
Instead of removing all security (the top answer), Add admin access as root, to the user you want to give admin to. We had the same issue where all admins were no longer with the company. This is how I resolved the authentication problem: I logged into:
jenkins#<jenkins server>:/var/lib/jenkins/
Edit config.xml file, and add a config for
<permission>hudson.model.Hudson.Administer:<username></permission>
Then restart Jenkins:
root#<jenkins server>:/$ /etc/init.d/jenkins restart
Just use Jenkins > Configure Global Security bottom page matrix to provide permissions to the user (start w/ read)
I edited the /var/lib/jenkins/config.xml file and replaced the
<authorizationStrategy>...</authorizationStrategy>
with
<authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy">
<denyAnonymousReadAccess>true</denyAnonymousReadAccess>
</authorizationStrategy>
It is the default settings after installation. Then restart the jenkins service.
Hi, as shown in screeshot, eclipse fails while saving the secure preferences file. Already tried to give 777 access to those folders (the fact that folder shown under Security -> secure storage -> Contents, as Storage Location didn't even exist, so I created it with a mkdir and I gave it 777 access.
But when, after filling, I click on apply than ok HTTP and HTTPS datas abour user and password are not saved!
Anyone?
Try changing the default secure storage location to something you know eclipse has write permissions for already. (Something like a sub-folder of your current workspace ?)
You can change the default location, by adding the following to your eclipse.ini :
...
-eclipse.keyring
c:\users\<userid>\.eclipse\secure.storage
...
Hope that helps !!
Known bug: https://bugs.eclipse.org/bugs/show_bug.cgi?id=286354#c1
When I renamed file C:\Documents and Settings\.eclipse\org.eclipse.equinox.security\secure_storage
Saving the password worked again.
window -> preferences-> general -> Security -> Secure storage-> ‘master password providers’
select ‘windows integration’ & click change password.
I solved it by installing Proxy+ so I putted in my password and username an provided localhost:4480 as proxy (a simple way to bypass but not really solve the problem :) )
First, verify if Eclipse Proxy configured correctly:
Access Preferences via Window, Preferences Then expand General, then Security. Click on Secure Storage.
In the Contents tab, expand the [Default Secure Storage] list. Verify there are settings there for: org.eclipse.core.net.proxy.auth with settings for HTTP. You may also see you Git credentials.
You can attempt to recover your Eclipse Secure Storage password on the Password tab using Recover Password using the challenge prompts. If it fails, then you may need to delete your Secure Store to "reset" the secure storage.
select org.eclipse.equinox.secure.storage and click Delete.
You will then get prompted to set up your secure store and the password recovery challenge questions.
my update site is only via ftp reachable and the customer needs to set a proxy. But i can't select a FTP-Proxy in the preference page (General -> Network Connections). How can i add the ftp schema? There are no buttons like 'add proxy'
Try setting 'Active Provider' on top of the General -> Network Connections page to 'Manual' - you will then be able to edit individual proxy schemas.