After upgrading Crowd to version 3.2.x, users can't log into Crowd console. The following error can be found in the atlassian-crowd.log:
Crowd has recently upgraded it's bundled Tomcat to version 8.5 and it's now strictly compliant with RFC6265, although according to RFC's Server Requirement Documentation (126.96.36.199. The Domain Attribute), leading dot such as in .example.com is ignored though not permitted:
Remove trailing dot from the SSO domain.
- You will need to access your database and get the current value of the sso domain by running following SQL:
This will return a current value of SSO domain set in Crowd, for example .mydomain.com
- Assuming that the current value of the SSO domain is .mydomain.com (with a leading dot), update the value with the domain name and omit the leading dot as follows:
The same RFC 6265 states that the user agent should ignore leading dot in the domain attribute for the Set-Cookie header and tread the value just as it would not have this leading dot:
so removing the leading dot will not break current SSO integration