-
Bug
-
Resolution: Fixed
-
Highest
-
8.22.0, 8.20.8
-
8.2
-
1
-
Severity 3 - Minor
-
Issue Summary
Instances using CROWD as SSO provider might fail to log in users due to corrupt cache.
Please keep in mind this particular bug is only related to Crowd SSO, not 3rd-party authentication plugins.
This is reproducible on Data Center: yes
Steps to Reproduce
- Configure Jira to use Crowd as SSO provider https://confluence.atlassian.com/crowd/integrating-crowd-with-atlassian-jira-192625.html.
- Set up your Jira to use the plugin's authenticator
- Remove user "x" from user cache on nodeN
- Log in as user "x" on nodeN
Expected Results
User is able to login and work with Jira in without any errors
Actual Results
Login process fails and the below error messages can be seen in the xxxxxxx.log file:
User does not exist and cannot be created. Creation is disabled for all the users. Authentication failed.
Workaround
(Taken from https://jira.atlassian.com/browse/JRASERVER-71483 )
- Refresh caches by full Jira restart (very painful and requires an outage):
- Full restart in Data Center is required because nodes with a corrupted cache will replicate it to other starting nodes, this means shutting down all nodes, validating the service is stopped, and starting them back up, a rolling restart will not resolve this issue.
- Add new directory, then remove it:
- Create a brand new User Directory - this directory does not necessarily actually have to work
- Delete the newly created directory. This will trigger the user and group caches to be invalidated.
- Synchronize the existing User Directory
- is cloned from
-
JRASERVER-74215 Instances using custom authentication plugins might fail to log in users due to corrupt cache
- Closed
- is related to
-
JRASERVER-71483 As a Jira admin I would like to recover from user cache corruption without a whole cluster restart
- Closed
- is mentioned by
-
LOGIN-91 Loading...
- relates to
-
LOGIN-92 Loading...