Crowd Data Center / CWD-4904

Crowd updates token twice when using SSO


Details

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Low
    • Fix Version/s: None
    • Affects Version/s: 2.10.1, 2.11.2
    • Component/s: SSO

    Description

      Current behavior

      The Crowd logs show duplicated token-generation messages when SSO is enabled.

      Crowd:

      2017-03-21 09:48:06,437 http-bio-8443-exec-14 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: username
      2017-03-21 09:48:06,437 http-bio-8443-exec-14 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: username
      

      Confluence:

      2017-03-21 09:48:06,502 DEBUG [http-nio-8443-exec-5] [crowd.manager.application.ApplicationServiceGeneric] findUserByName Located user 'username' in directory 1179649 'Crowd'
      2017-03-21 09:48:06,519 DEBUG [http-nio-8443-exec-5] [crowd.manager.application.ApplicationServiceGeneric] findUserByName Located user 'username' in directory 1179649 'Crowd'
      

      If you enable database query logging (in Postgres, for example), duplicated token update queries are visible:

      2017-04-21 10:47:28 BRT LOG:  execute <unnamed>: update cwd_token set directory_id=$1, entity_name=$2, random_number=$3, identifier_hash=$4, random_hash=$5, created_date=$6, last_accessed_date=$7, last_accessed_time=$8, duration=$9 where id=$10
      2017-04-21 10:47:28 BRT DETAIL:  parameters: $1 = '32769', $2 = 'username', $3 = '2190354187148948430', $4 = '8l6iRqnOsppBLfyjaRFSiw00', $5 = 'Yg6BfKPWlelIA0l7fUGgmg00', $6 = '2017-04-21 10:47:16.889', $7 = '2017-04-21 10:47:16.889', $8 = '1492782448668', $9 = NULL, $10 = '327683'
      
      2017-04-21 10:47:29 BRT LOG:  execute <unnamed>: update cwd_token set directory_id=$1, entity_name=$2, random_number=$3, identifier_hash=$4, random_hash=$5, created_date=$6, last_accessed_date=$7, last_accessed_time=$8, duration=$9 where id=$10
      2017-04-21 10:47:29 BRT DETAIL:  parameters: $1 = '32769', $2 = 'username', $3 = '2190354187148948430', $4 = '8l6iRqnOsppBLfyjaRFSiw00', $5 = 'Yg6BfKPWlelIA0l7fUGgmg00', $6 = '2017-04-21 10:47:16.889', $7 = '2017-04-21 10:47:16.889', $8 = '1492782449039', $9 = NULL, $10 = '327683'
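
The two updates logged above are identical except for last_accessed_time ($8). As an added example (not part of the original report or of Crowd's code), this Python sketch scans a Postgres statement log for that pattern; the sample log is constructed, and the function names and the 2-second window are assumptions.

```python
import re
from collections import defaultdict

STMT_RE = re.compile(r"update cwd_token set (.+) where id=\$(\d+)")
PARAM_COL_RE = re.compile(r"(\w+)=\$(\d+)")
DETAIL_RE = re.compile(r"DETAIL:\s+parameters: (.+)")
PARAM_VAL_RE = re.compile(r"\$(\d+) = (?:'([^']*)'|NULL)")
# Constructed sample in the shape of the Postgres excerpt above (values are made up).
STMT = ("2017-04-21 10:47:28 BRT LOG:  execute <unnamed>: update cwd_token set "
        "directory_id=$1, entity_name=$2, random_number=$3, identifier_hash=$4, "
        "random_hash=$5, created_date=$6, last_accessed_date=$7, "
        "last_accessed_time=$8, duration=$9 where id=$10")
DETAIL = ("2017-04-21 10:47:28 BRT DETAIL:  parameters: $1 = '1', $2 = '{user}', "
          "$3 = '42', $4 = 'idhash', $5 = 'rndhash', $6 = '2017-04-21 10:47:16.889', "
          "$7 = '2017-04-21 10:47:16.889', $8 = '{ts}', $9 = NULL, $10 = '{tid}'")
SAMPLE_LOG = "\n".join(
    line for user, ts, tid in [("alice", 1700000000000, 101), ("alice", 1700000000371, 101),
                               ("bob", 1700000000500, 102), ("alice", 1700000600000, 101)]
    for line in (STMT, DETAIL.format(user=user, ts=ts, tid=tid)))

def parse_updates(log_text):
    """Return one {column: value} dict per logged cwd_token UPDATE.

    Assumes each DETAIL line directly follows its statement (no interleaved sessions).
    """
    updates, columns = [], None
    for line in log_text.splitlines():
        stmt, detail = STMT_RE.search(line), DETAIL_RE.search(line)
        if stmt:
            # Map bind-parameter index -> column name from the SET clause.
            columns = {idx: col for col, idx in PARAM_COL_RE.findall(stmt.group(1))}
            columns[stmt.group(2)] = "id"
        elif detail and columns:
            updates.append({columns[i]: v for i, v in PARAM_VAL_RE.findall(detail.group(1))})
            columns = None
    return updates

def find_double_updates(updates, window_ms=2000):
    """Flag tokens rewritten within window_ms with only last_accessed_time changed."""
    by_id = defaultdict(list)
    for row in updates:
        by_id[row["id"]].append(row)
    hits = []
    for token_id, rows in by_id.items():
        rows.sort(key=lambda r: int(r["last_accessed_time"]))
        for prev, cur in zip(rows, rows[1:]):
            delta = int(cur["last_accessed_time"]) - int(prev["last_accessed_time"])
            same = all(prev[k] == cur[k] for k in prev if k != "last_accessed_time")
            if same and delta <= window_ms:
                hits.append((token_id, cur["entity_name"], delta))
    return hits
```

Each hit is a tuple of token id, user name and the gap in milliseconds between the two writes; a later update of the same token outside the window is treated as normal session activity.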
      

      Expected behavior

      Crowd should update the token only once for each login.

      Symptoms

      There are no apparent performance problems or other major issues.

      How to replicate

      Install the latest versions of Crowd and Confluence and integrate them with SSO.

      Enable the following debug logs in Confluence and Crowd:

      Confluence, set to ALL:

      com.atlassian.confluence.security.login
      com.atlassian.confluence.security
      com.atlassian.crowd
      com.atlassian.crowd.manager
      com.atlassian.confluence
      com.atlassian.confluence.user.crowd
      

      Crowd, set to DEBUG:

      com.atlassian.crowd
      

      Log in to Confluence using the SSO user created in Crowd; the following appears in the Crowd log:

      2017-03-29 10:41:53,514 http-bio-8095-exec-21 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: username
      2017-03-29 10:41:53,514 http-bio-8095-exec-21 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Adding remote address of 127.0.0.1
      2017-03-29 10:41:53,514 http-bio-8095-exec-21 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: username
      2017-03-29 10:41:53,514 http-bio-8095-exec-21 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Adding remote address of 127.0.0.1
      

      Workaround

      There is no workaround at the moment.


          People

            Assignee: Unassigned
            Reporter: Rodrigo Girardi Adami (rgadami)