Details
-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
8.22.6, 9.12.4, 9.14.1
-
8.22
-
3
-
Severity 3 - Minor
-
Description
Issue Summary
Jira redirects the users back to the login page when SSO is used with Crowd (when SSOSeraphAuthenticator is enabled in the seraph-config.xml. It works fine when Crowd is not used (when JiraSeraphAuthenticator is enabled.)
This is reproducible on Data Center: Yes
Steps to Reproduce
- Create a Jira 9.12.4 and Crowd 5.2.3 environment
- Configure Crowd by adding the Jira application
- Add Crowd directory in Jira
- Configure SSO in Jira by using Jira's SSO application
- Add crowd.properties file under Jira_Install/application-data/WEB-INF/classes
- Edit seraph-config.properties, enable SSOSeraphAuthenticator and disable JiraSeraphAuthenticator
<!-- CROWD:START - If enabling Crowd SSO integration uncomment the following SSOSeraphAuthenticator and comment out the JiraSeraphAuthenticator below --> <authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/> <!-- CROWD:END --> <!-- CROWD:START - The authenticator below here will need to be commented out for Crowd SSO integration --> <!-- <authenticator class="com.atlassian.jira.security.login.JiraSeraphAuthenticator"/> --> <!-- CROWD:END -->
- Restart Jira to activate the changes
- Log in Jira using SSO
Expected Results
Jira should allow users to log in
Actual Results
The login screen comes and the user clicks on the SSO login:
SSO login screen appears successfully:
After the user provides the credentials and clicks on login, they are redirected to the Jira login page again:
The below exception is thrown in the Crowd application log file:
2024-03-13 11:10:51,412 http-nio-8095-exec-16 url: /crowd/rest/usermanagement/1/session ERROR [crowd.manager.token.RecoveryModeAwareTokenAuthenticationManager] Rejecting authentication without validating password of user 'XXXX' for app 'jira' because authentication without validating password is disabled for this app
Workaround
Enable Allow to generate user tokens option in Crowd.
Attachments
Issue Links
- relates to
-
PSSRV-109970 Loading...