Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-21179

Bamboo AJP connector will fail to start if no secret is added on the server.xml

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Low
    • None
    • 7.0.0
    • Installation
    • None

    Description

      Issue Summary

      When Bamboo is configured to run using the AJP protocol with Apache Tomcat 8.5.51 or higher (bundled with Bamboo 7.0 and newer) the connector will fail to start.

      Steps to Reproduce

      1. Configure the AJP connector following the instructions on the server.xml file
      2. Start Bamboo

      Expected Results

      AJP connector will successfully start

      Actual Results

      The below exception is thrown in the <installation_directory>/logs/catalina.out file and the connector fails to start:

      09-Dec-2020 10:52:10.649 SEVERE [main] org.apache.catalina.core.StandardService.startInternal Failed to start connector [Connector[AJP/1.3-8009]]
        org.apache.catalina.LifecycleException: Protocol handler start failed
                at org.apache.catalina.connector.Connector.startInternal(Connector.java:1057)
                at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
                at org.apache.catalina.core.StandardService.startInternal(StandardService.java:440)
                at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
                at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:766)
                at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
                at org.apache.catalina.startup.Catalina.start(Catalina.java:688)
                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                at java.lang.reflect.Method.invoke(Method.java:498)
                at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:343)
                at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:474)
        Caused by: java.lang.IllegalArgumentException: The AJP Connector is configured with secretRequired="true" but the secret attribute is either null or "". This combination is not valid.
                at org.apache.coyote.ajp.AbstractAjpProtocol.start(AbstractAjpProtocol.java:274)
                at org.apache.catalina.connector.Connector.startInternal(Connector.java:1055)
                ... 12 more

      This error is caused by Apache Tomcat 8.5.51 and newer having the secretRequired parameter set to true by default. When secretRequired is true the AJP/1.3 Connector will not start unless the secret attribute is configured to a non-null, non-zero length string.

      Workaround

      Add a secret variable on the AJP connector on server.xml configuration which matches the secret added on the AJP configuration at proxy level.

      Another potential solution is to disable this requirement by specifying secretRequired="false" on the server.xml , however this is not recommended due to security concerns.

      Attachments

        Activity

          People

            Unassigned Unassigned
            malonso@atlassian.com Miguel Alonso
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: