Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-24347

Public sign up caused stack trace when configure LDAP to read only

    XMLWordPrintable

Details

    • 4.03
    • 1
    • Severity 3 - Minor
    • Hide
      Atlassian Update – 06 September 2019

      Hi everyone,

      After reviewing the overall customer interest and impact of this bug report we have decided to close this issue down. Our analysis has shown that over time this issue hasn't collected a significant number of votes, watchers, comments, or support cases from customers and therefore has remained very low on our priority list. Given these findings we can conclude it will not be fixed in the foreseeable future and wish to be transparent about our priorities by closing it as Timed Out.

      Although we're aware this issue may be still important to those of you who were involved in the initial conversations around it, we want to be clear by managing your expectations regarding the likelihood of a fix for it. The Jira team do their best to prioritise the issues that have high and critical impact with broad pervasiveness reflected in series of different factors. You can learn more about this by reading our Bug Fixing Policy.

      To see what the Jira team is currently working on and has recently delivered see the following dashboards:

      We understand that hearing a decision like this can be disappointing, but we hope you'll appreciate our transparent approach to product priorities and communications. We will continue to watch this issue for further updates, so please feel free to share any thoughts in the comments.

      Thank you,

      Pawel Drygas,

      Jira Server Bugmaster

      Show
      Atlassian Update – 06 September 2019 Hi everyone, After reviewing the overall customer interest and impact of this bug report we have decided to close this issue down. Our analysis has shown that over time this issue hasn't collected a significant number of votes, watchers, comments, or support cases from customers and therefore has remained very low on our priority list. Given these findings we can conclude it will not be fixed in the foreseeable future and wish to be transparent about our priorities by closing it as Timed Out . Although we're aware this issue may be still important to those of you who were involved in the initial conversations around it, we want to be clear by managing your expectations regarding the likelihood of a fix for it. The Jira team do their best to prioritise the issues that have high and critical impact with broad pervasiveness reflected in series of different factors. You can learn more about this by reading our Bug Fixing Policy . To see what the Jira team is currently working on and has recently delivered see the following dashboards: Jira Server and Data Center: Recently resolved issues Jira Server and Data Center: Current work and future plans Jira Server and Data Center: Bug Fix Board We understand that hearing a decision like this can be disappointing, but we hope you'll appreciate our transparent approach to product priorities and communications. We will continue to watch this issue for further updates, so please feel free to share any thoughts in the comments. Thank you, Pawel Drygas, Jira Server Bugmaster

    Description

      Scenario 1 : Steps to reproduce

      1. Setup JIRA and connect to LDAP with "Read only" or "Read only, with Local Group"
      2. JIRA internal directory is enabled
      3. Enable "external password management" with public mode
      4. "Sign Up" link appear and user will be created in "JIRA internal directory" upon sign up.

      Scenario 2 : Steps to reproduce

      1. Setup JIRA and connect to LDAP with "Read only" or "Read only, with Local Group"
      2. Disable JIRA internal directory
      3. Enable "external password management" with public mode
      4. "Sign Up" link appear and error below will thrown upon sign up. 
        Cause: 
com.opensymphony.user.ImmutableException: Unable to create user 'testsign3': com.atlassian.crowd.exception.OperationNotPermittedException: com.atlassian.crowd.exception.ApplicationPermissionException: Application 'crowd-embedded' has no directories that allow adding of users.

Stack Trace: [hide]

com.opensymphony.user.ImmutableException: Unable to create user 'testsign3': com.atlassian.crowd.exception.OperationNotPermittedException: com.atlassian.crowd.exception.ApplicationPermissionException: Application 'crowd-embedded' has no directories that allow adding of users.
	at com.atlassian.jira.user.util.UserUtilImpl.createUserWithEvent(UserUtilImpl.java:304)
	at com.atlassian.jira.bc.user.DefaultUserService.createUserWithEvent(DefaultUserService.java:298)
	at com.atlassian.jira.bc.user.DefaultUserService.createUserForSignup(DefaultUserService.java:252)
	at com.atlassian.jira.web.action.user.Signup.doExecute(Signup.java:95)
	at webwork.action.ActionSupport.execute(ActionSupport.java:165)
	at com.atlassian.jira.action.JiraActionSupport.execute(JiraActionSupport.java:74)
	at webwork.interceptor.DefaultInterceptorChain.proceed(DefaultInterceptorChain.java:39)
	at webwork.interceptor.NestedInterceptorChain.proceed(NestedInterceptorChain.java:31)
	at webwork.interceptor.ChainedInterceptor.intercept(ChainedInterceptor.java:16)
	at webwork.interceptor.DefaultInterceptorChain.proceed(DefaultInterceptorChain.java:35)
	at webwork.dispatcher.GenericDispatcher.executeAction(GenericDispatcher.java:205)
	at webwork.dispatcher.GenericDispatcher.executeAction(GenericDispatcher.java:143)
	at com.atlassian.jira.web.dispatcher.JiraWebworkActionDispatcher.service(JiraWebworkActionDispatcher.java:151)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.jira.web.filters.JiraLastFilter.doFilter(JiraLastFilter.java:81)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.core.filters.HeaderSanitisingFilter.doFilter(HeaderSanitisingFilter.java:44)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
	at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66)
	at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:25)
	at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74)
	at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:42)
	at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
	at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.jira.web.filters.accesslog.AccessLogFilter.executeRequest(AccessLogFilter.java:102)
	at com.atlassian.jira.web.filters.accesslog.AccessLogFilter.doFilter(AccessLogFilter.java:86)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.jira.security.xsrf.XsrfTokenAdditionRequestFilter.doFilter(XsrfTokenAdditionRequestFilter.java:50)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:129)
	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:77)
	at com.atlassian.jira.web.filters.PathExclusionFilter.doFilter(PathExclusionFilter.java:118)
	at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
	at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
	at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:210)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:98)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:144)
	at com.atlassian.jira.web.filters.JiraLoginFilter.doFilter(JiraLoginFilter.java:70)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
	at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66)
	at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:71)
	at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74)
	at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:42)
	at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
	at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.util.profiling.filters.ProfilingFilter.doFilter(ProfilingFilter.java:99)
	at com.atlassian.jira.web.filters.JIRAProfilingFilter.doFilter(JIRAProfilingFilter.java:16)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.jira.web.filters.ActionCleanupDelayFilter.doFilter(ActionCleanupDelayFilter.java:59)
	at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.jira.web.filters.RequestCleanupFilter.doFilter(RequestCleanupFilter.java:53)
	at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.johnson.filters.AbstractJohnsonFilter.doFilter(AbstractJohnsonFilter.java:71)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:350)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.gzipfilter.GzipFilter.doFilterInternal(GzipFilter.java:81)
	at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:51)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
	at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
	at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.core.filters.cache.AbstractCachingFilter.doFilter(AbstractCachingFilter.java:33)
	at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.core.filters.encoding.AbstractEncodingFilter.doFilter(AbstractEncodingFilter.java:41)
	at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
	at com.atlassian.jira.web.filters.PathMatchingEncodingFilter.doFilter(PathMatchingEncodingFilter.java:49)
	at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.jira.web.monitor.ActiveRequestsFilter$PassToChainFilterFunc.doFilter(ActiveRequestsFilter.java:346)
	at com.atlassian.jira.web.monitor.ActiveRequestsFilter$DebugLogFilterFunc.doFilter(ActiveRequestsFilter.java:463)
	at com.atlassian.jira.web.monitor.ActiveRequestsFilter.doFilter(ActiveRequestsFilter.java:173)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.jira.startup.JiraStartupChecklistFilter.doFilter(JiraStartupChecklistFilter.java:76)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.multitenant.servlet.MultiTenantServletFilter.doFilter(MultiTenantServletFilter.java:91)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.atlassian.jira.web.filters.JiraFirstFilter.doFilter(JiraFirstFilter.java:67)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:554)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
	at java.lang.Thread.run(Thread.java:662)
Referer URL: http://192.168.56.101:8080/secure/Signup!default.jspa

      Expectation

      • JIRA should handle the signup link better instead of showing stack trace
      • JIRA should not let user to create their own password since "External Password Management" is enabled.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-23872 JIRA should not try to change passwords for users that belong to Read Only user directories.

          • Medium - Medium priority issues
          • Closed

          Activity

            People

              Unassigned Unassigned
              vkgan Gan VoonKiat
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: