Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-71844

Dismissing a Johnson Page For Minor Warnings After Upgrading a Node Is Not Compatible With SSO

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Low Low
    • None
    • 8.5.0
    • Data Center - Other, Login
    • None

      Issue Summary

      It's a sort of chicken & egg problem. On restart when the system is in Upgrade Mode, we display dismissible/minor warnings in the form of a Johnson Page. In order to dismiss the warnings and continue, we first need to log in to Jira. The default redirect is to login.jsp. However, in order to login via SSO, the login process is different. The browser also has to access the `.../plugins/servlet/samlconsumer`--a url that gets blocked by the same Johnson Filter we're trying to dismiss.

      Steps to Reproduce

      1. Set up SSO in a DC instance (say on 8.5)
      2. Upgrade a single node.
        • The node should either have some sort of configuration problem that would prompt a warning Johnson Page, OR:
        • start the upgraded node with the `-Djira.johnson.simulate.failure=POST_DATABASE_ACTIVATED:warning-dismissible` flag to force a dismissible johnson page to appear (note, you still have to be in upgrade mode for this to work, unfortunately)
      3. Click the "Ignore all warnings and continue" button

      Expected Results

      The warning page gets dismissed and the admin is able to login normally with SSO.

      Actual Results

      A 503 is returned, and the user is directed to a blank page.

      Workarounds

      1) Logging in with basic auth or some other mechanism, using the oauth fallback url (needs to be  enabled beforehand)

      2) Fixing the minor problems mentioned in the warning and restarting the node is another option.

      3) The following JAVA parameter can be added to the nodes during the upgrade `-Djira.startup.warnings.disable=true` which will effectively disable that warning page on first login to the node that's been upgraded (drawback is that the admin will not be notified of any other warnings that might be important for the upgrade)

              Unassigned Unassigned
              sutecht Seth Utecht (Inactive)
              Votes:
              5 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated: