Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-35495

Service Desk originating authentication requests failing

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Low Low
    • 5.5.2
    • 5.5.1
    • None

      Summary

      Authentication requests originating from a connected Service Desk portal caused by a search query by a customer user account will fail.

      Steps to Reproduce

      1. Install JIRA 6.3.5 (or newer)
      2. Install latest version of SD
      3. Create a user on JIRA side, and remove it from all groups (to mimic a "customer")
      4. Install Confluence 5.5.1 (or older)
      5. Create a space and several pages under the space
      6. Set up Application links between JIRA and Confluence using 2-Legged OAuth requests and allow user impersonation through 2-Legged OAuth
      7. In the SD project, create a knowledge base link to the Confluence space previously created
      8. In a new/incognito window, log in as the customer on the SD portal
      9. In the SD portal, search for one of the pages created in step 5

      Expected Results

      Confluence serves the pages fitting the query as entered in Service Desk

      Actual Results

      Confluence blocks the authentication of the customer user from JIRA end.
      The JIRA logs will show the following errors:

      2014-10-28 15:39:00,685 http-bio-8639-exec-14 WARN customer 939x1212x1 1wooz9p 127.0.0.1 /rest/servicedesk/1/servicedesk/BAG/kb/d3857cf7-a8cc-39da-b42d-a5ae13cee067/articles [apache.commons.httpclient.HttpMethodDirector] Unable to respond to any of these challenges: {oauth=OAuth realm="http%3A%2F%2Fbaseurl%3A6534", oauth_token="", oauth_consumer_key="jira%3A855b5049-8e45-41d0-8007-3b19d384b3e7", oauth_signature_method="RSA-SHA1", oauth_timestamp="1414507140", oauth_nonce="28253628592793", oauth_version="1.0", oauth_signature="QU%2FwHRcz3RwAoqgAdzq9Kdm1uByt7ET9FcNA%2BsA47iBQjbxIE6%2F4zVNuJ%2F6NsGBspsT1pjOt1PjqVAjggxZHTDdqdipEhk8lu0%2BWcilvW7%2B1nf7GN3T0RfUFIyYt8V7%2FMo7c1jVeLFp%2FY0VRtY1vLpkVTy%2BsjyDyqatG6J0qYqY%3D"}
2014-10-28 15:39:00,688 http-bio-8639-exec-14 WARN customer 939x1212x1 1wooz9p 127.0.0.1 /rest/servicedesk/1/servicedesk/BAG/kb/d3857cf7-a8cc-39da-b42d-a5ae13cee067/articles [internal.feature.applink.RestResponseHandler$] Received invalid JSON response for path /rest/knowledge-base/1.0/search?type=page&where=123&queryString=pag
2014-10-28 15:39:00,804 http-bio-8639-exec-17 WARN customer 939x1213x1 1wooz9p 127.0.0.1 /rest/servicedesk/1/servicedesk/BAG/kb/d3857cf7-a8cc-39da-b42d-a5ae13cee067/articles [apache.commons.httpclient.HttpMethodDirector] Unable to respond to any of these challenges: {oauth=OAuth realm="http%3A%2F%2Fbaseurl%3A6534", oauth_token="", oauth_consumer_key="jira%3A855b5049-8e45-41d0-8007-3b19d384b3e7", oauth_signature_method="RSA-SHA1", oauth_timestamp="1414507140", oauth_nonce="28253739552063", oauth_version="1.0", oauth_signature="JHT69%2BuIwfpJ7jnhM3nthAjC16t%2B%2FDV77O9F1kOPJdO%2BlM%2BDgYXFSajx3LrqPNmmWYKxrjOwICWeoDptWiIXa%2Fxvmkxpa%2Bv1UxZToPHWZYHyYGs9A7U22muljtcSHRgSyS9Ki8hk4E3ttpuPS%2Fbq6bWx0IPhndKoIITbPL5umZ0%3D"}
2014-10-28 15:39:00,805 http-bio-8639-exec-17 WARN customer 939x1213x1 1wooz9p 127.0.0.1 /rest/servicedesk/1/servicedesk/BAG/kb/d3857cf7-a8cc-39da-b42d-a5ae13cee067/articles [internal.feature.applink.RestResponseHandler$] Received invalid JSON response for path /rest/knowledge-base/1.0/search?type=page&where=123&queryString=page

      Notes

      Investigation has shown that the 

      confluence-knowledge-base-1.3.jar
confluence-remote-page-view-plugin-1.4.jar

      plugins are responsible for this. Upgrading to Confluence 5.5.2 or newer resolves this issue.

      Alternatively, you can replace the bundled plugins with the newer versions as provided as attachments to this bug report.
      This has been tested and confirmed to work in Confluence 5.4.3
      We can however not guarantee this to provide a solution in all cases. As such, we do not support this method, and serves as an ultimate workaround in case upgrading Confluence is no option. At all times, we advice upgrading Confluence over replacing the plugin files.

      This error might happen on more recent Confluence releases (e.g. 5.6.4) if the confluence-knowledge-base-1.4.jar plugin fails to load and is not enabled during the startup. In such cases, a possible workaround is to manually update the add-on via file upload on UPM.

        1. confluence-knowledge-base-1.4.jar
          39 kB
        2. confluence-remote-page-view-plugin-1.5.jar
          32 kB

              Unassigned Unassigned
              mnassette MJ (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: