http://localhost:8080/jenkins 에 접근하면 아래와 같은 오류가 발생할 것입니다.
- HTTP ERROR: 503 Problem accessing /jenkins. Reason: Service Unavailable
java.lang.IllegalStateException: No LoginService for org.eclipse.jetty.security.authentication.FormAuthenticator in org.eclipse.jetty.security.ConstraintSecurityHandler
at org.eclipse.jetty.security.authentication.LoginAuthenticator.setConfiguration(LoginAuthenticator.java:44)1. jenkins.xml 파일을 추가하고
2. realm.properties 를 추가하면 됩니다.
하단 예제를 보시기 전에 테스트 환경을 간략하게 알려드립니다.
- JETTY_HOME = /srv/jetty
- JETTY_PORT = 8081
- JETTY_USER = jetty
권한 설정을 위해서 jenkins.xml 파일을 webapps에 생성합니다.
* jetty 9 부터는 contexts 폴더가 사라지고 관련 설정을 webapps 폴더에서 합니다.
# vi /srv/jetty/webapps/jenkins.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<!-- ==================================================================
Configure and deploy the jenkins web application in $(jetty.home)/webapps/jenkins
Note. If this file did not exist or used a context path other that /jenkins
then the default configuration of jetty.xml would discover the jenkins
webapplication with a WebAppDeployer. By specifying a context in this
directory, additional configuration may be specified and hot deployments
detected.
===================================================================== -->
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<!-- Required minimal context configuration : -->
<!-- + contextPath -->
<!-- + war OR resourceBase -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<Set name="contextPath">/jenkins</Set>
<Set name="war"><SystemProperty name="jetty.home" default="."/>/webapps/jenkins.war</Set>
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<!-- Optional context configuration -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<Set name="extractWAR">true</Set>
<Set name="copyWebDir">false</Set>
<Set name="defaultsDescriptor"><SystemProperty name="jetty.home" default="."/>/etc/webdefault.xml</Set>
<!--<Set name="overrideDescriptor"><SystemProperty name="jetty.home" default="."/>/webapps/jenkins.d/override-web.xml</Set>-->
<Get name="securityHandler">
<Set name="loginService">
<New class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">Jenkins Realm</Set>
<Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set>
<!-- To enable reload of realm when properties change, uncomment the following lines -->
<!-- changing refreshInterval (in seconds) as desired -->
<!--
<Set name="refreshInterval">5</Set>
<Call name="start"></Call>
-->
</New>
</Set>
<Set name="authenticator">
<New class="org.eclipse.jetty.security.authentication.FormAuthenticator">
<Set name="alwaysSaveUri">true</Set>
</New>
</Set>
<Set name="checkWelcomeFiles">true</Set>
</Get>
<!-- Add context specific logger
<Set name="handler">
<New id="RequestLog" class="org.eclipse.jetty.server.handler.RequestLogHandler">
<Set name="requestLog">
<New id="RequestLogImpl" class="org.eclipse.jetty.server.NCSARequestLog">
<Set name="filename"><Property name="jetty.logs" default="./logs"/>/jenkins-yyyy_mm_dd.request.log</Set>
<Set name="filenameDateFormat">yyyy_MM_dd</Set>
<Set name="append">true</Set>
<Set name="LogTimeZone">GMT</Set>
</New>
</Set>
</New>
</Set>
-->
</Configure>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<!-- ==================================================================
Configure and deploy the jenkins web application in $(jetty.home)/webapps/jenkins
Note. If this file did not exist or used a context path other that /jenkins
then the default configuration of jetty.xml would discover the jenkins
webapplication with a WebAppDeployer. By specifying a context in this
directory, additional configuration may be specified and hot deployments
detected.
===================================================================== -->
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<!-- Required minimal context configuration : -->
<!-- + contextPath -->
<!-- + war OR resourceBase -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<Set name="contextPath">/jenkins</Set>
<Set name="war"><SystemProperty name="jetty.home" default="."/>/webapps/jenkins.war</Set>
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<!-- Optional context configuration -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<Set name="extractWAR">true</Set>
<Set name="copyWebDir">false</Set>
<Set name="defaultsDescriptor"><SystemProperty name="jetty.home" default="."/>/etc/webdefault.xml</Set>
<!--<Set name="overrideDescriptor"><SystemProperty name="jetty.home" default="."/>/webapps/jenkins.d/override-web.xml</Set>-->
<Get name="securityHandler">
<Set name="loginService">
<New class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">Jenkins Realm</Set>
<Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set>
<!-- To enable reload of realm when properties change, uncomment the following lines -->
<!-- changing refreshInterval (in seconds) as desired -->
<!--
<Set name="refreshInterval">5</Set>
<Call name="start"></Call>
-->
</New>
</Set>
<Set name="authenticator">
<New class="org.eclipse.jetty.security.authentication.FormAuthenticator">
<Set name="alwaysSaveUri">true</Set>
</New>
</Set>
<Set name="checkWelcomeFiles">true</Set>
</Get>
<!-- Add context specific logger
<Set name="handler">
<New id="RequestLog" class="org.eclipse.jetty.server.handler.RequestLogHandler">
<Set name="requestLog">
<New id="RequestLogImpl" class="org.eclipse.jetty.server.NCSARequestLog">
<Set name="filename"><Property name="jetty.logs" default="./logs"/>/jenkins-yyyy_mm_dd.request.log</Set>
<Set name="filenameDateFormat">yyyy_MM_dd</Set>
<Set name="append">true</Set>
<Set name="LogTimeZone">GMT</Set>
</New>
</Set>
</New>
</Set>
-->
</Configure>
만약 $JETTY_HOME/etc/realm.properties 파일이 존재하지 않으면 생성시켜줍니다.
1. demo 에서 복사
1. demo 에서 복사
# cp /srv/jetty/demo-base/etc/realm.properties /srv/jetty/etc
2. 직접생성
# vi /srv/jetty/etc/realm.properties
#
# This file defines users passwords and roles for a HashUserRealm
#
# The format is
# <username>: <password>[,<rolename> ...]
#
# Passwords may be clear text, obfuscated or checksummed. The class
# org.eclipse.util.Password should be used to generate obfuscated
# passwords or password checksums
#
# If DIGEST Authentication is used, the password must be in a recoverable
# format, either plain text or OBF:.
#
jetty: MD5:164c88b302622e17050af52c89945d44,user
admin: CRYPT:adpexzg3FUZAk,server-administrator,content-administrator,admin,user
other: OBF:1xmk1w261u9r1w1c1xmq,user
plain: plain,user
user: password,user
# This entry is for digest auth. The credential is a MD5 hash of username:realmname:password
digest: MD5:6e120743ad67abfbc385bc2bb754e297,user
마지막으로 다시 추가된 파일들을 위해서 권한 설정을 하고 재시작을 합니다.
# chown -R jetty:jetty /srv/jetty/webapps
# chown -R jetty:jetty /srv/jetty/etc
# service jetty restart
# curl http://localhost:8081/jenkins
댓글 없음:
댓글 쓰기