Upgrading Crowd when DB encryption is being used will make it fail at startup

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Low
    • 6.2.2
    • Affects Version/s: 6.2.0
    • Component/s: Upgrade
    • 3
    • Severity 3 - Minor
    • 29

      Problem

      When upgrading Crowd to 6.2 and having Database password encryption, Crowd will not recognize the encryption of previous versions due to changes in the library, and will fail at startup.

      Steps to Reproduce

      Install Crowd 6.1 or prior and add database encryption.
      https://confluence.atlassian.com/crowd061/encrypting-the-database-password-1483965119.html

      Expected Results

      Crowd should start without errors.

      Actual Results

      Crowd will fail to start, if you look the catalina.out log file, you'll see the below error complaining about a missing library:

      15-Jan-2025 17:56:20.885 main ERROR [springframework.web.context.ContextLoader] Context initialization failed
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'tokenDAOHibernate': Unsatisfied dependency expressed through method 'setBatchFind
er' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'batchFinder' defined in class path resource [applicat
ionContext-CrowdDAO.xml]: Cannot resolve reference to bean 'sessionFactory' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreation
Exception: Error creating bean with name 'sessionFactory' defined in class path resource [applicationContext-CrowdPersistence.xml]: Invocation of init method failed; nested excep
tion is java.lang.IllegalStateException: Cipher 'com.atlassian.db.config.password.ciphers.algorithm.AesOnlyAlgorithmCipher' is not allowed for database password encryption as it'
s not an instance of [com.atlassian.secrets.store.algorithm.AesOnlyAlgorithmSecretStore]

       

      Workaround

      • Stop Crowd
      • Edit the <crowd-home>/shared/crowd.cfg.cml, and replace the line below: 
        <property name="jdbc.password.decrypter.classname">com.atlassian.db.config.password.ciphers.algorithm.AesOnlyAlgorithmCipher</property>

        with the new cipher

        <property name="jdbc.password.decrypter.classname">com.atlassian.secrets.store.algorithm.AesOnlyAlgorithmSecretStore</property>
      • Start Crowd again.

              Assignee:
              Anastas Anastasov (Inactive)
              Reporter:
              Winderson Souza
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: