[JRASERVER-73188] Entering more than 255 characters in jira.security.duplicated.user.accounts fails to be accepted

Type: Bug
Resolution: Unresolved
Priority: Low (View bug fix roadmap)
Fix Version/s: None
Affects Version/s: 8.21.0
Component/s: User Management - Others
Labels:
- raid
- warranty

Introduced in Version:
8.21
Support reference count:
4
Symptom Severity:
Severity 3 - Minor
UIS:
0
Bug Fix Policy:
View Atlassian Server bug fix policy

Issue Summary

There is a 255 character limit to the advanced configuration entry field for jira.security.duplicated.user.accounts

Steps to Reproduce

attempt to add users to jira.security.duplicated.user.accounts where the entry (including ampersands between them) exceeds 255 characters

Expected Results

Advanced configuration field jira.security.duplicated.user.accounts to accept larger than 255 characters as an entry

Actual Results

The user interface will simply refuse to accept the entry, leaving the field with the characters entered in, but not updating the field to show that it's accepted
The below exception is thrown in the atlassian-jira.log file:

2022-01-13 15:04:59,438-0600 http-nio-48210-exec-15 INFO admin 904x894x1 16sm1wz 0:0:0:0:0:0:0:1 /rest/api/latest/application-properties/jira.security.duplicated.user.accounts [c.a.j.r.v2.admin.ApplicationPropertiesResource] Error setting Application Property
com.opensymphony.module.propertyset.IllegalPropertyException: String exceeds 255 characters.
    at com.opensymphony.module.propertyset.AbstractPropertySet.setString(AbstractPropertySet.java:297)
    at com.atlassian.jira.config.properties.ApplicationPropertiesStore.setString(ApplicationPropertiesStore.java:200)
    at com.atlassian.jira.config.properties.ApplicationPropertiesStore.setApplicationProperty(ApplicationPropertiesStore.java:188)
    at com.atlassian.jira.bc.admin.ApplicationPropertiesServiceImpl.setApplicationProperty(ApplicationPropertiesServiceImpl.java:146)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at com.atlassian.plugin.util.ContextClassLoaderSettingInvocationHandler.invoke(ContextClassLoaderSettingInvocationHandler.java:26)
    at com.sun.proxy.$Proxy165.setApplicationProperty(Unknown Source)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343)
    at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56)
    at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:136)
    at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLInterceptor.java:70)
    at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:53)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:136)
    at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
    at com.sun.proxy.$Proxy8668.setApplicationProperty(Unknown Source)
    at com.atlassian.jira.rest.v2.admin.ApplicationPropertiesResource.setProperty(ApplicationPropertiesResource.java:202)
    at com.atlassian.jira.rest.v2.admin.ApplicationPropertiesResource.setPropertyViaRestfulTable(ApplicationPropertiesResource.java:179)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    ... 5 filtered
    at com.atlassian.jira.rest.exception.ExceptionInterceptor.intercept(ExceptionInterceptor.java:55)
    ... 1 filtered
    at com.atlassian.jira.rest.v2.issue.scope.RequestScopeInterceptor.intercept(RequestScopeInterceptor.java:39)
    ... 15 filtered
    at com.atlassian.plugins.rest.module.RestDelegatingServletFilter$JerseyOsgiServletContainer.doFilter(RestDelegatingServletFilter.java:162)
    ... 1 filtered
    at com.atlassian.plugins.rest.module.RestDelegatingServletFilter.doFilter(RestDelegatingServletFilter.java:72)
    ... 36 filtered
    at com.atlassian.jira.plugin.mobile.web.filter.MobileAppRequestFilter.doFilter(MobileAppRequestFilter.java:59)
    ... 4 filtered
    at com.atlassian.jira.plugin.mobile.login.MobileLoginSuccessFilter.doFilter(MobileLoginSuccessFilter.java:54)
    ... 3 filtered
    at com.atlassian.diagnostics.internal.platform.monitor.http.HttpRequestMonitoringFilter.doFilter(HttpRequestMonitoringFilter.java:55)
    ... 8 filtered
    at com.atlassian.web.servlet.plugin.request.RedirectInterceptingFilter.doFilter(RedirectInterceptingFilter.java:21)
    ... 43 filtered
    at com.atlassian.ratelimiting.internal.filter.RateLimitFilter.doFilter(RateLimitFilter.java:73)
    ... 3 filtered
    at com.atlassian.troubleshooting.thready.filter.AbstractThreadNamingFilter.doFilter(AbstractThreadNamingFilter.java:46)
    ... 17 filtered
    at com.atlassian.jira.security.JiraSecurityFilter.lambda$doFilter$0(JiraSecurityFilter.java:66)
    ... 1 filtered
    at com.atlassian.jira.security.JiraSecurityFilter.doFilter(JiraSecurityFilter.java:64)
    ... 16 filtered
    at com.atlassian.plugins.rest.module.servlet.RestSeraphFilter.doFilter(RestSeraphFilter.java:38)
    ... 3 filtered
    at com.atlassian.pats.web.filter.TokenBasedAuthenticationFilter.doFilter(TokenBasedAuthenticationFilter.java:83)
    ... 19 filtered
    at com.atlassian.jira.servermetrics.CorrelationIdPopulatorFilter.doFilter(CorrelationIdPopulatorFilter.java:30)
    ... 5 filtered
    at com.atlassian.plugins.authentication.impl.basicauth.filter.DisableBasicAuthFilter.doFilter(DisableBasicAuthFilter.java:70)
    ... 8 filtered
    at com.atlassian.ratelimiting.internal.filter.RateLimitPreAuthFilter.doFilter(RateLimitPreAuthFilter.java:71)
    ... 3 filtered
    at com.atlassian.web.servlet.plugin.request.RedirectInterceptingFilter.doFilter(RedirectInterceptingFilter.java:21)
    ... 4 filtered
    at com.atlassian.troubleshooting.thready.filter.AbstractThreadNamingFilter.doFilter(AbstractThreadNamingFilter.java:46)
    ... 3 filtered
    at com.atlassian.web.servlet.plugin.LocationCleanerFilter.doFilter(LocationCleanerFilter.java:36)
    ... 26 filtered
    at com.atlassian.jira.servermetrics.MetricsCollectorFilter.doFilter(MetricsCollectorFilter.java:25)
    ... 25 filtered
    at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.base/java.lang.Thread.run(Thread.java:834)

Workaround

Currently there is no known workaround for this behavior. A workaround will be added here when available

is related to

JRASERVER-73128 Ability to ignore duplicate user accounts on specific directories

Gathering Interest

Mateo added a comment - 13/Jan/2022 9:59 PM

Likely to be encountered when trying to eliminate duplicate users

Mateo added a comment - 13/Jan/2022 9:59 PM Likely to be encountered when trying to eliminate duplicate users

Jira Data Center

Details

Description

Issue Summary

Steps to Reproduce

Expected Results

Actual Results

Workaround

Attachments

Issue Links

Forms

Activity

Collapse comment: Mateo added a comment - 13/Jan/2022 9:59 PM

Expand comment: Mateo added a comment - 13/Jan/2022 9:59 PM

People

Dates