Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-31793

JIRA attempts to apply group memberships when synchronising from a remote directory even if they already exist, causing a duplicate key violation

    XMLWordPrintable

Details

    Description

      Symptoms

      When synchronising a directory from a user directory, it fails, with an error like the below:

      2013-02-20 14:59:35,394 QuartzWorker-0 ERROR ServiceRunner     [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 10001 ].
      com.atlassian.jira.crowd.embedded.ofbiz.db.DataAccessException: org.ofbiz.core.entity.GenericEntityException: while inserting: [GenericEntity:Membership][id,10017][membershipType,GROUP_USER][lowerParentName,jira-users][parentId,10013][childId,10014][childName,dmason][lowerChildName,dmason][directoryId,10001][parentName,jira-users] (SQL Exception while executing the following:INSERT INTO public.cwd_membership (ID, parent_id, child_id, membership_type, group_type, parent_name, lower_parent_name, child_name, lower_child_name, directory_id) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?) (ERROR: duplicate key value violates unique constraint "uk_mem_parent_child_type"
        Detail: Key (parent_id, child_id, membership_type)=(10013, 10014, GROUP_USER) already exists.))
      	at com.atlassian.jira.crowd.embedded.ofbiz.db.OfBizHelper.createValue(OfBizHelper.java:167)
      	at com.atlassian.jira.crowd.embedded.ofbiz.OfBizInternalMembershipDao.createMembership(OfBizInternalMembershipDao.java:101)
      	at com.atlassian.jira.crowd.embedded.ofbiz.OfBizInternalMembershipDao.addUserToGroup(OfBizInternalMembershipDao.java:94)
      	at com.atlassian.jira.crowd.embedded.ofbiz.OfBizDelegatingMembershipDao.addUserToGroup(OfBizDelegatingMembershipDao.java:78)
      	at com.atlassian.crowd.directory.AbstractInternalDirectory.addUserToGroup(AbstractInternalDirectory.java:695)
      	at com.atlassian.crowd.directory.DbCachingRemoteChangeOperations.addUserToGroup(DbCachingRemoteChangeOperations.java:1151)
      	at com.atlassian.crowd.directory.DirectoryCacheImplUsingChangeOperations.addUserToGroup(DirectoryCacheImplUsingChangeOperations.java:187)
      	at com.atlassian.crowd.directory.ldap.cache.EventTokenChangedCacheRefresher.synchroniseChanges(EventTokenChangedCacheRefresher.java:115)
      	at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:609)
      	at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:63)
      	at com.atlassian.crowd.directory.DbCachingDirectoryPoller.pollChanges(DbCachingDirectoryPoller.java:50)
      	at com.atlassian.crowd.manager.directory.monitor.poller.DirectoryPollerJob.execute(DirectoryPollerJob.java:34)
      	at org.quartz.core.JobRunShell.run(JobRunShell.java:195)
      	at com.atlassian.multitenant.quartz.MultiTenantThreadPool$MultiTenantRunnable.run(MultiTenantThreadPool.java:72)
      	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)
      Caused by: org.ofbiz.core.entity.GenericEntityException: while inserting: [GenericEntity:Membership][id,10017][membershipType,GROUP_USER][lowerParentName,jira-users][parentId,10013][childId,10014][childName,dmason][lowerChildName,dmason][directoryId,10001][parentName,jira-users] (SQL Exception while executing the following:INSERT INTO public.cwd_membership (ID, parent_id, child_id, membership_type, group_type, parent_name, lower_parent_name, child_name, lower_child_name, directory_id) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?) (ERROR: duplicate key value violates unique constraint "uk_mem_parent_child_type"
        Detail: Key (parent_id, child_id, membership_type)=(10013, 10014, GROUP_USER) already exists.))
      	at org.ofbiz.core.entity.GenericDAO.singleInsert(GenericDAO.java:136)
      	at org.ofbiz.core.entity.GenericDAO.insert(GenericDAO.java:101)
      	at org.ofbiz.core.entity.GenericHelperDAO.create(GenericHelperDAO.java:64)
      	at org.ofbiz.core.entity.GenericDelegator.create(GenericDelegator.java:487)
      	at org.ofbiz.core.entity.GenericValue.create(GenericValue.java:98)
      	at com.atlassian.jira.crowd.embedded.ofbiz.db.OfBizHelper.createValue(OfBizHelper.java:162)
      	... 14 more
      

      Cause

      A group membership is being synchronised from the remote directory which already exists, and JIRA is attempting to add this. There are a few reasons why the remote directory would synchronise such memberships, including but not limited to the following known bugs:

      CWD-3147 If a user exists in two directories in an application, and is added to a group in one directory that it was already in the other, clients get duplicate key errors

      Workaround

      Flushing the cache of the directory will stop the error from happening, and cause the directory to synchronise fully, until the next time a duplicate group membership is sent from the remote directory. The simplest way of forcing this is:

      1. Disable the directory
      2. Enable the directory

      For the specific causes there may be workarounds in the linked bug tickets.

      Attachments

        Issue Links

          Activity

            People

              ajakubowski Adam Jakubowski (Inactive)
              dmason David Mason
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: