Openshift授权访问被拒绝

时间:2017-04-12 03:54:31

标签: jenkins oauth openshift

我的环境是openshift enterprise 3.4,我安装了jenkins以及它在我的项目oes上运行的pod,当我尝试访问http://jenkins.mydomain.com时,它显示使用openshift页面登录,然后单击“使用OpenShift登录”按钮,我得到以下错误:我错过了任何设置吗?任何建议将不胜感激!

  

“error”:“server_error”,“error_description”:“授权服务器遇到阻止其完成请求的意外情况。”,“state”:“MmVkOTVjMWItODYwNC00”

这是我在master-config.conf中的oauthConfig:

oauthConfig:
    assetPublicURL: https://openshift-master.anim.odw.com.cn:8443/console/
    grantConfig:
    method: auto
identityProviders:
    challenge: true
    login: true
    mappingMethod: claim
    name: htpasswd_auth
provider:
    apiVersion: v1
    file: /etc/origin/master/htpasswd
    kind: HTPasswdPasswordIdentityProvider

以下是pod日志:

Apr 12, 2017 3:15:48 AM org.openshift.jenkins.plugins.openshiftlogin.OpenShiftOAuth2SecurityRealm populateDefaults
INFO: OpenShift OAuth: provider: OpenShiftProviderInfo: issuer: https://openshift-master.mydomain.com:8443 auth ep: https://openshift-master.mydomain.com:8443/oauth/authorize token ep: https://openshift-master.mydomain.com:8443/oauth/token
Apr 12, 2017 3:15:48 AM org.openshift.jenkins.plugins.openshiftlogin.OpenShiftOAuth2SecurityRealm populateDefaults
INFO: OpenShift OAuth returning true with namespace oes SA dir null default /run/secrets/kubernetes.io/serviceaccount SA name null default jenkins client ID null default system:serviceaccount:oes:jenkins secret null default eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNl3WNjb3VudC9uYW1lc3BhY2UiOiJvZXMiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlY3JldC5uYW1lIjoiamVua2lucy10b2tlbi1mYmhjcCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY491bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJqZW5raW5zIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNzFjYWEwYjItMTY5MC0xMWU3LWE2ZDktMDAxYTRhMTYwMTU2Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Om9lczpqZW5raW5zIn0.hnC-s2rXKFpF6xfhTI9-TJXDMkW6KU3DN6xQBWppj5xf98itR38eJwe3s4fUr3XWrXs_ipXXu14hnQTEykUCpNNGFuxxfNy6moOSThqSClsGojo4S1mdJ921_COFUnFWyP1H_ZMGZbw8GyPAcwKnjaZo253mDN8RlAWegcHry-noQuDkOfiNjXL1xiDu7ZeDTwmYome_-6xHpgBv0KbhqKjs7L6PilxpTo2QMjb7zOoJY0VShM4hb84oinQJ62m18Vxf-U-oZQs40QosnFGQFHRb9Jt3sQZzY1kYrp6UZHsg3_O-JvII1QaU02r4-2Ly7CqNIsDrO0OFj1tR4N4CEw redirect null default https://openshift-master.mydomain.com:8443 server null default https://openshift.default.svc

感谢。

2 个答案:

答案 0 :(得分:0)

您可以将jenkins配置为使用单个管理员密码,如文档中所示:

  

JENKINS_PASSWORD使用默认Jenkin身份验证时“admin”帐户的密码。

请参阅:https://github.com/openshift/jenkins

答案 1 :(得分:0)

您遇到的错误与OAuth流程中的错误有关。这很可能是由于配置错误的Jenkins服务帐户造成的。尝试再次登录,看看OpenShift API主日志在此期间所说的内容(在--loglevel=100运行)。

相关问题
最新问题