-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
8.5.0
-
None
-
8.05
-
7
-
Severity 3 - Minor
-
0
-
Issue Summary
It's a sort of chicken & egg problem. On restart when the system is in Upgrade Mode, we display dismissible/minor warnings in the form of a Johnson Page. In order to dismiss the warnings and continue, we first need to log in to Jira. The default redirect is to login.jsp. However, in order to login via SSO, the login process is different. The browser also has to access the `.../plugins/servlet/samlconsumer`--a url that gets blocked by the same Johnson Filter we're trying to dismiss.
Steps to Reproduce
- Set up SSO in a DC instance (say on 8.5)
- Upgrade a single node.
- The node should either have some sort of configuration problem that would prompt a warning Johnson Page, OR:
- start the upgraded node with the `-Djira.johnson.simulate.failure=POST_DATABASE_ACTIVATED:warning-dismissible` flag to force a dismissible johnson page to appear (note, you still have to be in upgrade mode for this to work, unfortunately)
- Click the "Ignore all warnings and continue" button
Expected Results
The warning page gets dismissed and the admin is able to login normally with SSO.
Actual Results
A 503 is returned, and the user is directed to a blank page.
Workarounds
1) Logging in with basic auth or some other mechanism, using the oauth fallback url (needs to be enabled beforehand)
2) Fixing the minor problems mentioned in the warning and restarting the node is another option.
3) The following JAVA parameter can be added to the nodes during the upgrade `-Djira.startup.warnings.disable=true` which will effectively disable that warning page on first login to the node that's been upgraded (drawback is that the admin will not be notified of any other warnings that might be important for the upgrade)
- is related to
-
SAMLDC-95 Upgrading SSO for Atlassian Data Center plugin breaks SAML log in page when there is a Johnson warning
- Closed
- relates to
-
JRASERVER-72493 SAML/SSO v4.2.x as a secondary authentication breaks upgrade when there's a Johnson dismissible warning
- Closed
-
SAMLDC-89 4.2.x breaks ZDU when there's a Johnson dismissible warning
- Closed
- mentioned in
-
Page Loading...