Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-28194

Confluence attempts to apply group memberships when synchronising from a remote directory even if they already exist, causing a duplicate key violation

XMLWordPrintable

      Symptoms

      When synchronising a directory from a user directory, it fails, with an error like the below:

      2013-02-21 09:59:32,590 ERROR [scheduler_Worker-2] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 98307 ].
      org.springframework.dao.DataIntegrityViolationException: Hibernate operation: could not insert: [com.atlassian.crowd.embedded.hibernate2.HibernateMembership#295380]; SQL []; ERROR: duplicate key value violates unique constraint "cwd_unique_user_membership"
        Detail: Key (parent_id, child_user_id)=(163849, 229382) already exists.; nested exception is org.postgresql.util.PSQLException: ERROR: duplicate key value violates unique constraint "cwd_unique_user_membership"
        Detail: Key (parent_id, child_user_id)=(163849, 229382) already exists.
      	at org.springframework.jdbc.support.SQLStateSQLExceptionTranslator.doTranslate(SQLStateSQLExceptionTranslator.java:100)
      	at org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:72)
      	at org.springframework.orm.hibernate.HibernateTransactionManager.convertJdbcAccessException(HibernateTransactionManager.java:619)
      	at org.springframework.orm.hibernate.HibernateTransactionManager.convertHibernateAccessException(HibernateTransactionManager.java:605)
      	at org.springframework.orm.hibernate.HibernateTransactionManager.doCommit(HibernateTransactionManager.java:518)
      	at org.springframework.transaction.support.AbstractPlatformTransactionManager.processCommit(AbstractPlatformTransactionManager.java:732)
      	at org.springframework.transaction.support.AbstractPlatformTransactionManager.commit(AbstractPlatformTransactionManager.java:701)
      	at org.springframework.transaction.interceptor.TransactionAspectSupport.commitTransactionAfterReturning(TransactionAspectSupport.java:321)
      	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:116)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
      	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
      	at com.atlassian.crowd.directory.$Proxy1476.addUserToGroup(Unknown Source)
      	at com.atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations.addUserToGroup(DirectoryCacheImplUsingChangeOperations.java:187)
      	at com.atlassian.crowd.directory.ldap.cache.EventTokenChangedCacheRefresher.synchroniseChanges(EventTokenChangedCacheRefresher.java:115)
      	at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:610)
      	at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:63)
      	at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50)
      	at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJobBean.executeInternal(DirectoryPollerJobBean.java:29)
      	at org.springframework.scheduling.quartz.QuartzJobBean.execute(QuartzJobBean.java:86)
      	at org.quartz.core.JobRunShell.run(JobRunShell.java:199)
      	at com.atlassian.confluence.schedule.quartz.ConfluenceQuartzThreadPool$1.run(ConfluenceQuartzThreadPool.java:20)
      	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:549)
      Caused by: org.postgresql.util.PSQLException: ERROR: duplicate key value violates unique constraint "cwd_unique_user_membership"
        Detail: Key (parent_id, child_user_id)=(163849, 229382) already exists.
      	at org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2102)
      	at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1835)
      	at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:257)
      	at org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:500)
      	at org.postgresql.jdbc2.AbstractJdbc2Statement.executeWithFlags(AbstractJdbc2Statement.java:388)
      	at org.postgresql.jdbc2.AbstractJdbc2Statement.executeUpdate(AbstractJdbc2Statement.java:334)
      	at com.mchange.v2.c3p0.impl.NewProxyPreparedStatement.executeUpdate(NewProxyPreparedStatement.java:105)
      	at net.sf.hibernate.impl.NonBatchingBatcher.addToBatch(NonBatchingBatcher.java:22)
      	at net.sf.hibernate.persister.EntityPersister.insert(EntityPersister.java:462)
      	at net.sf.hibernate.persister.EntityPersister.insert(EntityPersister.java:436)
      	at net.sf.hibernate.impl.ScheduledInsertion.execute(ScheduledInsertion.java:37)
      	at net.sf.hibernate.impl.SessionImpl.execute(SessionImpl.java:2464)
      	at net.sf.hibernate.impl.SessionImpl.executeAll(SessionImpl.java:2450)
      	at net.sf.hibernate.impl.SessionImpl.execute(SessionImpl.java:2407)
      	at net.sf.hibernate.impl.SessionImpl.flush(SessionImpl.java:2276)
      	at net.sf.hibernate.transaction.JDBCTransaction.commit(JDBCTransaction.java:61)
      	at org.springframework.orm.hibernate.HibernateTransactionManager.doCommit(HibernateTransactionManager.java:510)
      	... 17 more

      Cause

      A group membership is being synchronised from the remote directory which already exists, and Confluence is attempting to add this. There are a few reasons why the remote directory would synchronise such memberships, including but not limited to the following known bugs:

      CONF-28190 Adding a user to a group locally on Confluence when using a read/write remote Crowd or JIRA directory
      CWD-3147 If a user exists in two directories in an application, and is added to a group in one directory that it was already in the other, clients get duplicate key errors

      Workaround

      Flushing the cache of the directory will stop the error from happening, and cause the directory to synchronise fully, until the next time a duplicate group membership is sent from the remote directory. The simplest way of forcing this is:

      1. Disable the directory
      2. Enable the directory

      For the specific causes there may be workarounds in the linked bug tickets.

              Unassigned Unassigned
              dmason David Mason (Inactive)
              Votes:
              26 Vote for this issue
              Watchers:
              28 Start watching this issue

                Created:
                Updated:
                Resolved: