Uploaded image for project: 'Atlassian Ecosystem'
  1. Atlassian Ecosystem
  2. ECO-51

Calling the content endpoint sometimes fails with "<app> disallowed to impersonate user because 'no valid active user exists'"

XMLWordPrintable

    • 1
    • Minor
    • 1

      Issue Summary

      Calling the content endpoint sometimes fails with "<app> disallowed to impersonate user because 'no valid active user exists'"

      Steps to Reproduce

      1. Call /rest/api/content/<content-ID>?expand=body.storage&status=historical&version=<version>

      Expected Results

      The call succeeds and the content version is retrieved without issues.

      Actual Results

      Confluence server error: Add-on 'com.tensixtwo.conf.latexmath-dev' disallowed to impersonate the user because 'no valid active user exists'

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

            [ECO-51] Calling the content endpoint sometimes fails with "<app> disallowed to impersonate user because 'no valid active user exists'"

            Feiyang Ye added a comment -

            Hi everyone, 

            Thank you for your patience. We have recently rolled out the solution to address this issue by allowing addons impersonating other addons in certain contexts.

            If you have any feedback please let us know. 

            Thanks

            Feiyang Ye added a comment - Hi everyone,  Thank you for your patience. We have recently rolled out the solution to address this issue by allowing addons impersonating other addons in certain contexts. If you have any feedback please let us know.  Thanks

            Rama Krishna Anumola {Appfire} added a comment -

            Is any one looking into this at all?

            Rama Krishna Anumola {Appfire} added a comment - Is any one looking into this at all?

            Rama Krishna Anumola {Appfire} added a comment -

            ETA??

            Rama Krishna Anumola {Appfire} added a comment - ETA??

            Serena Wang added a comment -

            Hello,

            Thank you for everyone's patience while we investigated this ticket.

            We wanted to share a few things:

            1. Why does this error appears for vendors?

            • Unfortunately the error message is not clear, but in majority of cases, this error message appears when an addon is impersonating another addon user in a request
            • Connect currently doesn't allow addons impersonating other addon users which is why these requests get blocked

            2. Why can't you just remove this check?

            • This check was put in place in order to prevent certain security attacks

            3. What is currently being done?

            Our team is currently working on a solution to

            • Allow addons impersonating other addons in certain contexts to unblock as many vendors as possible without creating any vulnerabilities
            • Improve the error message so there is less confusion around the root cause of the error.

            Serena 

            Serena Wang added a comment - Hello, Thank you for everyone's patience while we investigated this ticket. We wanted to share a few things: 1. Why does this error appears for vendors? Unfortunately the error message is not clear, but in majority of cases, this error message appears when an addon is impersonating another addon user in a request Connect currently doesn't allow addons impersonating other addon users which is why these requests get blocked 2. Why can't you just remove this check? This check was put in place in order to prevent certain security attacks 3. What is currently being done? Our team is currently working on a solution to Allow addons impersonating other addons in certain contexts to unblock as many vendors as possible without creating any vulnerabilities Improve the error message so there is less confusion around the root cause of the error. Serena 

            Felix Grund added a comment -

            Our app "Task Reminder for Confluence" is also affected by this bug.

            Felix Grund added a comment - Our app "Task Reminder for Confluence" is also affected by this bug.

            Antoine [Klee Group] added a comment -

            Will this issue be solved soon?

            Refined toolkit pages do not show up for some of our users due to this bug.

            Antoine [Klee Group] added a comment - Will this issue be solved soon? Refined toolkit pages do not show up for some of our users due to this bug.

            Nils Knoblauch added a comment -

            This is a blocker to use to use the use the Scroll Viewport App for documents which contain block macros from the LaTeX Math app. And we have quite a few formulas in our documents.

            Nils Knoblauch added a comment - This is a blocker to use to use the use the Scroll Viewport App for documents which contain block macros from the LaTeX Math app. And we have quite a few formulas in our documents.

            Rama Krishna Anumola {Appfire} added a comment -

            Hi Team,

            Can this be assigned to someone and ETA, please?

            Thanks
            RK

            Rama Krishna Anumola {Appfire} added a comment - Hi Team, Can this be assigned to someone and ETA, please? Thanks RK

              Unassigned Unassigned
              resteves Rodrigo Heinzen
              Affected customers:
              35 This affects my team
              Watchers:
              18 Start watching this issue

                Created:
                Updated:
                Resolved: