-
Bug
-
Resolution: Fixed
-
High
-
8.15.0, 8.15.1, 8.16.0, 8.16.1
-
8.15
-
3
-
Severity 2 - Major
-
9
-
Issue Summary
When upgrading Jira to versions using SAML/SSO plugin version >4.2, if there's a dismissible warning then you won't be able to ignore the errors and continue.
The UI will break with the following error when you hit "Ignore all warnings and continue"
This happens because the new authentication methods provided by the SSO plugin version 4.2 retrieves the available directories through the endpoint /rest/authconfig/1.0/login-options, however, this endpoint is not whitelisted on Johnson's filter whitelist so a 503 is received by the plugin when trying to retrieve it, here is the list of allowed URLs:
Steps to Reproduce
- Set up more than one authentication method in Authentication Methods (available as of 4.2);
- Additionally, if upgrading from for Jira 8.5 and having set up SAML as a secondary authentication, it will trigger the problem as well;
- Upgrade Jira to a higher version;
- The instance should either have some sort of configuration problem that would prompt a warning Johnson Page;
- Click the "Ignore all warnings and continue" button
Expected Results
The admin is able to dismiss the warnings page and log in on the node.
Actual Results
The user is unable to log in, so the error message cannot be dismissed from the UI.
Workaround
Option 1
Fix the warnings displayed in the Johnson's page.
Option 2
Add the following parameter to your start-up properties:
- -Djira.startup.warnings.disable=true
Notes
Starting in Jira 8.16, we have upgraded the Postgres driver version. This new version enforces the socketTimeout parameter (JRASERVER-71982) and will bring Johnson's warning page if the user doesn't add them, thus increasing the likelihood of users facing this problem.
- is cloned from
-
-
- Closed
-
- is related to
-
-
- Gathering Impact
-
- is blocked by
-
AAUTH-576 Loading...
- mentioned in
-
-
-
-
-
-
-
-
-
-
-
-