Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 10.1.1
Affects Version/s: 7.13.1, 8.2.3, 8.13.3, 10.0.0
Component/s: Login, User Management - Others
Labels:

Introduced in Version:
7.13
Support reference count:
58
Symptom Severity:
Severity 2 - Major
UIS:
4
Bug Fix Policy:
View Atlassian Server bug fix policy

When trying to authenticate a user who has a special character in their first name (é specifically) via SAML SSO, we see the following screen

The error in the logs is:

2019-07-04 16:04:08,679 http-nio-8080-exec-48 ERROR anonymous 964x1404949x1 vn7oz4 10.134.195.158,10.134.41.252 /plugins/servlet/samlconsumer [c.a.p.a.i.web.filter.ErrorHandlingFilter] Received invalid SAML response: Signature validation failed. SAML Response rejected
com.atlassian.plugins.authentication.impl.web.saml.provider.InvalidSamlResponse: Received invalid SAML response: Signature validation failed. SAML Response rejected
	at com.atlassian.plugins.authentication.impl.web.saml.provider.impl.OneloginJavaSamlProvider.lambda$extractSamlResponse$1(OneloginJavaSamlProvider.java:89)
	at com.atlassian.plugin.util.ContextClassLoaderSwitchingUtil.runInContext(ContextClassLoaderSwitchingUtil.java:48)
	at com.atlassian.plugins.authentication.impl.web.saml.provider.impl.OneloginJavaSamlProvider.extractSamlResponse(OneloginJavaSamlProvider.java:80)
	at com.atlassian.plugins.authentication.impl.web.saml.SamlConsumerServlet.doPost(SamlConsumerServlet.java:87)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:661)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at com.atlassian.plugin.servlet.DelegatingPluginServlet.service(DelegatingPluginServlet.java:37)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at com.atlassian.plugin.servlet.ServletModuleContainerServlet.service(ServletModuleContainerServlet.java:45)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	... 53 filtered
	at com.atlassian.plugins.authentication.impl.web.filter.ErrorHandlingFilter.doFilter(ErrorHandlingFilter.java:83)
	... 3 filtered
	at com.atlassian.web.servlet.plugin.request.RedirectInterceptingFilter.doFilter(RedirectInterceptingFilter.java:21)
	... 58 filtered
	at com.atlassian.jira.security.JiraSecurityFilter.lambda$doFilter$0(JiraSecurityFilter.java:66)
	... 1 filtered
	at com.atlassian.jira.security.JiraSecurityFilter.doFilter(JiraSecurityFilter.java:64)
	... 36 filtered
	at com.atlassian.jira.servermetrics.CorrelationIdPopulatorFilter.doFilter(CorrelationIdPopulatorFilter.java:30)
	... 10 filtered

Workaround

Add the following as JVM startup parameters:

-Dfile.encoding=UTF-8 -Djavax.servlet.request.encoding=UTF8

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

Jirauser.png
24 kB
11/Jul/2019 7:54 AM

is cloned from

CONFSERVER-54753 Unable to log in with SAML SSO when user has special character in name

Closed

is related to

JRASERVER-43664 Configure "-Dfile.encoding=utf-8" by default

Closed

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

relates to: JDCWUMAL-7 Loading...

(3 mentioned in, 1 relates to)

Assignee:: Daniel Rauf

Reporter:: Vivian Hu (Inactive)

Votes:: 14 Vote for this issue

Watchers:: 21 Start watching this issue

Created:: 11/Jul/2019 7:51 AM

Updated:: 09/Oct/2024 11:48 AM

Resolved:: 09/Oct/2024 11:48 AM

Details

Description

Workaround

Attachments

Attachments

Issue Links

Forms

Activity

People

Dates