j_security_check error
358 views
Skip to first unread message
Russ Robinson
Apr 10, 2024, 5:10:43 PM4/10/24
to rundeck-discuss
In order to try out Rundeck 5.1.2 and its ssh plugin before rolling it out to one of our actual servers, I spun up an Oracle Linux 7 server and followed https://docs.rundeck.com/docs/administration/install/linux-rpm.html#installing-rundeck .
Basically, ran:
- Issue: yum install java-11-openjdk-devel
- Issue: rpm -i rundeck-5.1.2.20240328-1.noarch.rpm
- Updated /etc/rundeck/rundeck-config.properties to have: grails.serverURL=http://<fqdn>:4440
After browsing to http://<fqdn>:4440 and entering the default admin userid/password, the browser eventually hits "The connection has timed out" with url http://<fqdn>:4440/j_security_check url.
There is no load balancer, haproxy, or apache in front. I'm just hitting the Rundeck url directly.
I know it's probably obvious (and I need more caffeine); but any suggestions on what I am overlooking?
rac...@rundeck.com
Apr 10, 2024, 5:28:07 PM4/10/24
to rundeck-discuss
Hello, Russ.
Does this happen with any web browser? Could you try in an incognito tab? Do you see the same behavior?
Regards.
Does this happen with any web browser? Could you try in an incognito tab? Do you see the same behavior?
Regards.
Russ Robinson
Apr 11, 2024, 8:51:45 AM4/11/24
to rundeck-discuss
Yes - it happens in both Firefox and Chrome. I tried with Firefox private browsing and Chrome incognito this morning; but the same issue happens.
rac...@rundeck.com
Apr 11, 2024, 9:30:06 AM4/11/24
to rundeck-discuss
I see,
I’ve installed Rundeck in Oracle Linux 7 following your steps without issues. Could you share your /etc/rundeck/rundeck-config.properties, /etc/rundeck/framework.properties, /etc/rundeck/profile and the /etc/sysconfig/rundeckd (if exists) files content to take a look? Also, do you see any clue in the service.log?
Russ Robinson
Apr 11, 2024, 10:06:05 AM4/11/24
to rundeck-discuss
/etc/rundeck/rundeck-config.properties
#loglevel.default is the default log level for jobs: ERROR,WARN,INFO,VERBOSE,DEBUG
loglevel.default=INFO
rdeck.base=/var/lib/rundeck
#rss.enabled if set to true enables RSS feeds that are public (non-authenticated)
rss.enabled=false
# change hostname here
# grails.serverURL=http://localhost:4440
grails.serverURL=http://myfqdn.test.com:4440
dataSource.dbCreate = none
dataSource.url = jdbc:h2:file:/var/lib/rundeck/data/rundeckdb;DB_CLOSE_ON_EXIT=FALSE;NON_KEYWORDS=MONTH,HOUR,MINUTE,YEAR,SECONDS
grails.plugin.databasemigration.updateOnStart=true
# Encryption for key storage
rundeck.storage.provider.1.type=db
rundeck.storage.provider.1.path=keys
rundeck.storage.converter.1.type=jasypt-encryption
rundeck.storage.converter.1.path=keys
rundeck.storage.converter.1.config.encryptorType=custom
rundeck.storage.converter.1.config.password=1f38d747b496d96a
rundeck.storage.converter.1.config.algorithm=PBEWITHSHA256AND128BITAES-CBC-BC
rundeck.storage.converter.1.config.provider=BC
# Encryption for project config storage
rundeck.projectsStorageType=db
rundeck.config.storage.converter.1.type=jasypt-encryption
rundeck.config.storage.converter.1.path=projects
rundeck.config.storage.converter.1.config.password=1f38d747b496d96a
rundeck.config.storage.converter.1.config.encryptorType=custom
rundeck.config.storage.converter.1.config.algorithm=PBEWITHSHA256AND128BITAES-CBC-BC
rundeck.config.storage.converter.1.config.provider=BC
rundeck.feature.repository.enabled=true
/etc/rundeck/framework.properties
# framework.properties -
#
# ----------------------------------------------------------------
# Rundeck server connection information
# ----------------------------------------------------------------
framework.server.name = localhost
framework.server.hostname = localhost
framework.server.port = 4440
framework.server.url = http://localhost:4440
# ----------------------------------------------------------------
# Installation locations
# ----------------------------------------------------------------
rdeck.base=/var/lib/rundeck
framework.projects.dir=/var/lib/rundeck/projects
framework.etc.dir=/etc/rundeck
framework.var.dir=/var/lib/rundeck/var
framework.tmp.dir=/var/lib/rundeck/var/tmp
framework.logs.dir=/var/lib/rundeck/logs
framework.libext.dir=/var/lib/rundeck/libext
# ----------------------------------------------------------------
# SSH defaults for node executor and file copier
# ----------------------------------------------------------------
framework.ssh.keypath = /var/lib/rundeck/.ssh/id_rsa
framework.ssh.user = rundeck
# ssh connection timeout after a specified number of milliseconds.
# "0" value means wait forever.
framework.ssh.timeout = 0
# ----------------------------------------------------------------
# Auto generated server UUID: 260bc48a-6704-47c3-a492-1018e681b5c7
# ----------------------------------------------------------------
rundeck.server.uuid = 260bc48a-6704-47c3-a492-1018e681b5c7
/etc/rundeck/profile
#########
# Rundeck Profile sourced from /etc/rc.d/init.d/rundeckd
#########
#
# NOTE: DO NOT MODIFY THIS FILE
# It will be replaced when the package is upgraded and your changes will not be saved.
#
# ##################
#
# To override variables in this file, you can instead create a file at:
#
# # Centos/Redhat default:
#
# /etc/sysconfig/rundeckd
#
# Or
#
# # Ubuntu/Debian default:
#
# /etc/default/rundeckd
#
# which contains exports for any of the variables listed below. E.g.:
#
# RUNDECK_TEMPDIR=/path/to/tmpdir
#
# That file will be sourced before this one, allowing your exports to take precedence.
#
###############
prog="rundeckd"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
[ -e /etc/default/$prog ] && . /etc/default/$prog
RDECK_INSTALL="${RDECK_INSTALL:-/var/lib/rundeck}"
RDECK_BASE="${RDECK_BASE:-/var/lib/rundeck}"
RDECK_CONFIG="${RDECK_CONFIG:-/etc/rundeck}"
RDECK_CONFIG_FILE="${RDECK_CONFIG_FILE:-$RDECK_CONFIG/rundeck-config.properties}"
RDECK_SERVER_BASE="${RDECK_SERVER_BASE:-$RDECK_BASE}"
RDECK_SERVER_CONFIG="${RDECK_SERVER_CONFIG:-$RDECK_CONFIG}"
RDECK_SERVER_DATA="${RDECK_SERVER_DATA:-$RDECK_BASE/data}"
RDECK_PROJECTS="${RDECK_PROJECTS:-$RDECK_BASE/projects}"
RUNDECK_TEMPDIR="${RUNDECK_TEMPDIR:-/tmp/rundeck}"
RUNDECK_WORKDIR="${RUNDECK_TEMPDIR:-$RDECK_BASE/work}"
RUNDECK_LOGDIR="${RUNDECK_LOGDIR:-$RDECK_BASE/logs}"
RDECK_JVM_SETTINGS="${RDECK_JVM_SETTINGS:- -Xmx1024m -Xms256m -server}"
RDECK_TRUSTSTORE_FILE="${RDECK_TRUSTSTORE_FILE:-$RDECK_CONFIG/ssl/truststore}"
RDECK_TRUSTSTORE_TYPE="${RDECK_TRUSTSTORE_TYPE:-jks}"
JAAS_LOGIN="${JAAS_LOGIN:-true}"
JAAS_CONF="${JAAS_CONF:-$RDECK_CONFIG/jaas-loginmodule.conf}"
LOGIN_MODULE="${LOGIN_MODULE:-RDpropertyfilelogin}"
RDECK_HTTP_PORT=${RDECK_HTTP_PORT:-4440}
RDECK_HTTPS_PORT=${RDECK_HTTPS_PORT:-4443}
# If no JAVA_CMD, try to find it in $JAVA_HOME
if [ -z "$JAVA_CMD" ] && [ -n "$JAVA_HOME" ] && [ -x "$JAVA_HOME/bin/java" ] ; then
JAVA_CMD=$JAVA_HOME/bin/java
PATH=$PATH:$JAVA_HOME/bin
export JAVA_HOME
elif [ -z "$JAVA_CMD" ] ; then
JAVA_CMD=java
fi
for war in $(find $RDECK_INSTALL/bootstrap -name '*.war') ; do
EXECUTABLE_WAR=$war
done
RDECK_JVM="-Drundeck.jaaslogin=$JAAS_LOGIN \
-Djava.security.auth.login.config=$JAAS_CONF \
-Dloginmodule.name=$LOGIN_MODULE \
-Drdeck.config=$RDECK_CONFIG \
-Drundeck.server.configDir=$RDECK_SERVER_CONFIG \
-Dserver.datastore.path=$RDECK_SERVER_DATA/rundeck \
-Drundeck.server.serverDir=$RDECK_INSTALL \
-Drdeck.projects=$RDECK_PROJECTS \
-Dlog4j.configurationFile=$RDECK_SERVER_CONFIG/log4j2.properties \
-Dlogging.config=file:$RDECK_SERVER_CONFIG/log4j2.properties \
-Drdeck.runlogs=$RUNDECK_LOGDIR \
-Drundeck.server.logDir=$RUNDECK_LOGDIR \
-Drundeck.config.location=$RDECK_CONFIG_FILE \
-Djava.io.tmpdir=$RUNDECK_TEMPDIR \
-Drundeck.server.workDir=$RUNDECK_WORKDIR \
-Dserver.http.port=$RDECK_HTTP_PORT \
-Drdeck.base=$RDECK_BASE"
#
# Set min/max heap size
#
RDECK_JVM="$RDECK_JVM $RDECK_JVM_SETTINGS"
#
# SSL Configuration - Uncomment the following to enable. Check SSL.properties for details.
#
if [ -n "$RUNDECK_WITH_SSL" ] ; then
RDECK_JVM="$RDECK_JVM -Drundeck.ssl.config=$RDECK_SERVER_CONFIG/ssl/ssl.properties -Dserver.https.port=${RDECK_HTTPS_PORT}"
fi
unset JRE_HOME
umask 002
rundeckd="$JAVA_CMD $RDECK_JVM $RDECK_JVM_OPTS -jar $EXECUTABLE_WAR --skipinstall"
/etc/sysconfig/rundeckd
No such file
Sadly, I do not see anything relevant in: service.log
saritha rani yalamaddi
Oct 14, 2025, 12:39:34 PM10/14/25
to rundeck-discuss
Hello Team,
Am facing the same issue any resolution for it. Am using the extended docker image, I deployed in one environment in one k8s environment, it's working perfectly but when I tried the same image in AKS cluster am getting j_security page. Tried by removing SSO, database and everything still facing the issue. Any resolution is greatly appreciated
Bert vdrHorst
Jan 30, 2026, 9:57:30 AM (4 days ago) Jan 30
to rundeck-discuss
Had the same (still), but when I opened browser in VNC session (localhost) it worked.
(had changed all configuration file references from localhost to my real hostname, restarted, but that did not work)
(had changed all configuration file references from localhost to my real hostname, restarted, but that did not work)
Op dinsdag 14 oktober 2025 om 18:39:34 UTC+2 schreef saritha rani yalamaddi:
Reply all
Reply to author
Forward
0 new messages