[JRASERVER-74939] Session invalidation should be propagated to other nodes in the cluster

Type: Bug
Resolution: Fixed
Priority: Medium (View bug fix roadmap)
Fix Version/s: 9.11.0
Affects Version/s: 8.5.19, 9.6.0, 9.5.1, 9.4.3, 9.7.0, 8.20.19
Component/s: Security
Labels:

Introduced in Version:
8.05
Support reference count:
1
Symptom Severity:
Severity 3 - Minor
UIS:
1
Bug Fix Policy:
View Atlassian Server bug fix policy
Current Status:

Hide

Atlassian Update – 28 June 2023

Hi everyone,

Thank you for taking the time to file and comment on this issue. We've reviewed it and agreed it’s a priority for us to resolve. Our engineers have already started working on the issue.

Please continue watching this ticket for future updates and changes in the timeline that may impact your work.

Andrzej Kotas

Jira DC Product Manager

Show
Atlassian Update – 28 June 2023 Hi everyone, Thank you for taking the time to file and comment on this issue. We've reviewed it and agreed it’s a priority for us to resolve. Our engineers have already started working on the issue. Please continue watching this ticket for future updates and changes in the timeline that may impact your work. Andrzej Kotas Jira DC Product Manager

In Jira there are some events (like password change, user delete) which invalidates user sessions.

Currently those events only invalidate sessions on the node where the event was triggered.

Those events should be propagated to other nodes.

incorporates

JRASERVER-73502 Jira does not invalidate session after a password change

Closed

relates to

JRASERVER-65889 As a JIRA Administrator I want to kill user session

Closed

VULN-790549 Failed to load

VULN-872373 Failed to load

RAID-3460 You do not have permission to view this issue

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(5 mentioned in)

Andrzej Kotas added a comment - 28/Jun/2023 8:51 AM

Atlassian Update – 28 June 2023

Hi everyone,

Thank you for taking the time to file and comment on this issue. We've reviewed it and agreed it’s a priority for us to resolve. Our engineers have already started working on the issue.

Please continue watching this ticket for future updates and changes in the timeline that may impact your work.

Andrzej Kotas

Jira DC Product Manager

Andrzej Kotas added a comment - 28/Jun/2023 8:51 AM Atlassian Update – 28 June 2023 Hi everyone, Thank you for taking the time to file and comment on this issue. We've reviewed it and agreed it’s a priority for us to resolve. Our engineers have already started working on the issue. Please continue watching this ticket for future updates and changes in the timeline that may impact your work. Andrzej Kotas Jira DC Product Manager

Assignee:: Daniel Ramotowski

Reporter:: Maciej Swinarski (Inactive)

Affected customers:: 3 This affects my team

Watchers:: 4 Start watching this issue

Created:: 07/Mar/2023 6:17 PM

Updated:: 04/Sep/2023 5:44 PM

Resolved:: 04/Sep/2023 10:39 AM

Details

Description

Attachments

Issue Links

Forms

Activity

Collapse comment: Andrzej Kotas added a comment - 28/Jun/2023 8:51 AM

Expand comment: Andrzej Kotas added a comment - 28/Jun/2023 8:51 AM

People

Dates