Jira Data Center: JRASERVER-43418

DefaultGadgetSpecFactory performs anonymous requests


Details

    Description

      Summary

      DefaultGadgetSpecFactory::fetchObjectAndCache does not use the currently logged-in user's credentials or the cookies of the current request, so it fails behind a proxy that enforces basic auth.

      Environment

      Basic Auth proxy

      Apache site configuration (enabled site):

      # JIRA AJP Proxy Configuration:
      <VirtualHost *:80>
      ServerName jsimon.atlassian.local
      
      <Proxy *>
              Order deny,allow
              Allow from all
      </Proxy>
      CustomLog ${APACHE_LOG_DIR}/access.log combined
      LogLevel                debug
      ProxyRequests           Off
      ProxyPass               /jira       ajp://localhost:8010/jira
      ProxyPassReverse        /jira       ajp://localhost:8010/jira
      
      <Location /jira>
              AuthType Basic
              AuthName "Jira Basic Auth"
              AuthUserFile /etc/apache2/users/jira
              Require valid-user
      </Location>
      </VirtualHost>
      

      JIRA server.xml (relevant fragments):

      <Context path="/jira" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">
      
      <Connector port="8010"
                         maxThreads="150"
                         minSpareThreads="25"
                         enableLookups="false"
                         protocol="AJP/1.3"
                         address="127.0.0.1" />
      

      Steps to Reproduce

      From JIRA: click the "Add new gadgets" button on a dashboard.

      Manually: enter http://localhost:8090/jira/rest/config/1.0/directoryitems/local.json in the browser.

      In both cases the list of gadgets will be smaller than expected.

      Analysis:

      The effect is that fewer gadgets are retrieved this way than without the proxy. This is partially solved by APDEX-198.

      When LocalGadgetSpecFactory::getGadgetSpec fails to retrieve a gadget, it falls back to DefaultLocalGadgetSpecFactory:

      private GadgetSpec fetchObjectAndCache(Uri url, boolean ignoreCache) throws GadgetException {
          // The request is built from the gadget URL alone: neither the Authorization
          // header nor the cookies of the user's current request are copied onto it.
          HttpRequest request = new HttpRequest(url).setIgnoreCache(ignoreCache);
          request.setCacheTtl((int) (refresh / 1000));
      
          // The fetcher therefore issues an anonymous server-side request, which the
          // basic-auth proxy in front of JIRA rejects.
          HttpResponse response = fetcher.fetch(request);
          ...
      

      The only header in this request is X-shindig-dos: on, and the request results in a Gateway Timeout (HTTP error 504). The Apache error log shows:

      [Fri May 15 17:51:47.063013 2015] [authz_core:debug] [pid 28554:tid 139774182508288] mod_authz_core.c(802): [client 10.0.2.2:56556] AH01626: authorization result of Require valid-user : denied (no authenticated user yet)
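      A small parser for the Apache error_log lines quoted above, added here as an example (it is not code from the ticket or from Atlassian): it extracts the authz_core entries that were denied with "no authenticated user yet", which on a proxy configured as in the Environment section is the fingerprint of the credential-less internal gadget fetch and can be correlated with the 504s in the access log. The sample lines are constructed from the ticket's own log line.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Apache 2.4 error_log line shape quoted in the ticket:
# [ts] [module:level] [pid P:tid T] source(line): [client IP:PORT] AHnnnnn: message
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[(?P<module>[^:\]]+):(?P<level>[^\]]+)\] "
    r"\[pid (?P<pid>\d+)(?::tid (?P<tid>\d+))?\] "
    r"(?:(?P<src>\S+\(\d+\)): )?"
    r"(?:\[client (?P<ip>[^\]]+?):(?P<port>\d+)\] )?"
    r"(?:(?P<code>AH\d{5}): )?(?P<msg>.*)$"
)
DENIED_NO_USER = "denied (no authenticated user yet)"

@dataclass
class ErrorRecord:
    ts: str
    module: str
    level: str
    client_ip: Optional[str]
    client_port: Optional[int]
    code: Optional[str]
    msg: str

def parse_error_line(line: str) -> Optional[ErrorRecord]:
    """Parse one error_log line; None for lines that do not match the shape above."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return ErrorRecord(ts=m["ts"], module=m["module"], level=m["level"],
                       client_ip=m["ip"], client_port=int(m["port"]) if m["port"] else None,
                       code=m["code"], msg=m["msg"])

def unauthenticated_denials(lines: List[str]) -> List[ErrorRecord]:
    """authz_core entries where 'Require valid-user' failed because no credentials
    arrived at all: the symptom of the credential-less internal gadget fetch."""
    return [rec for rec in map(parse_error_line, lines)
            if rec and rec.module == "authz_core" and DENIED_NO_USER in rec.msg]

# Constructed sample: the ticket's own line plus a granted request for contrast.
SAMPLE_LOG = [
    "[Fri May 15 17:51:47.063013 2015] [authz_core:debug] [pid 28554:tid 139774182508288] "
    "mod_authz_core.c(802): [client 10.0.2.2:56556] AH01626: authorization result of "
    "Require valid-user : denied (no authenticated user yet)",
    "[Fri May 15 17:51:47.120000 2015] [authz_core:debug] [pid 28554:tid 139774182508288] "
    "mod_authz_core.c(802): [client 10.0.2.2:56557] AH01626: authorization result of "
    "Require valid-user : granted",
]
```

      Filtering the denials further by client address (the JIRA host's own address, as opposed to real browsers) separates the internal fetch from ordinary users who simply have not logged in yet.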
      

      People

      Assignee: Unassigned
      Reporter: znoorsazali Zul NS [Atlassian]