Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-74246

Instances using CROWD as SSO provider might fail to log in users due to corrupt cache

XMLWordPrintable

      Issue Summary

      Instances using CROWD as SSO provider might fail to log in users due to corrupt cache.
      Please keep in mind this particular bug is only related to Crowd SSO, not 3rd-party authentication plugins.

      This is reproducible on Data Center: yes 

      Steps to Reproduce

      1. Configure Jira to use Crowd as SSO provider https://confluence.atlassian.com/crowd/integrating-crowd-with-atlassian-jira-192625.html.
      2. Set up your Jira to use the plugin's authenticator
      3. Remove user "x" from user cache on nodeN
      4. Log in as user "x" on nodeN

      Expected Results

      User is able to login and work with Jira in without any errors

      Actual Results

      Login process fails and the below error messages can be seen in the xxxxxxx.log file:

      User does not exist and cannot be created. Creation is disabled for all the users.
      Authentication failed. 

      Workaround

      (Taken from https://jira.atlassian.com/browse/JRASERVER-71483 )

      • Refresh caches by full Jira restart (very painful and requires an outage):
        • Full restart in Data Center is required because nodes with a corrupted cache will replicate it to other starting nodes, this means shutting down all nodes, validating the service is stopped, and starting them back up, a rolling restart will not resolve this issue.
      • Add new directory, then remove it:
        1. Create a brand new User Directory - this directory does not necessarily actually have to work
        2. Delete the newly created directory. This will trigger the user and group caches to be invalidated.
        3. Synchronize the existing User Directory

              755f87a38635 Krzysztof Krysiak
              jreczycki Jakub Reczycki
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: