Problem

When basic authentication is disabled, it is not possible to recover Jira access in recovery mode.

Environment

9.12.8.

Steps to Reproduce

• Add the OpenID as a second authentication method
• Enable the login forms for OpenID
• Disable the login forms for Username and password
• Disable the Authentication on API calls
• Logout
• Try to log in and get redirected to the OpenID URL
• Or get the message Login form has been disabled on this instance.
• Follow the KB Restore Passwords To Recover Admin User Rights. It is still not possible to log in to Jira and the same error message is displayed.

Expected Results

You should be able to log in in recovery mode.

Actual Results

It is not possible to log in to Jira, and the message is showing: Login form has been disabled on this instance.

Workaround

Directly update the relevant records in the Jira database tables:

• Execute the following SQL to remove the second authentication method (see How to obtain authentication methods via a database SQL query or REST API in Jira Datacenter):

  SELECT * FROM "AO_ED669C_IDP_CONFIG";
  

  DELETE FROM "AO_ED669C_IDP_CONFIG" WHERE ID='<from_previous_SQL>';
  

• Execute the following SQL to get the ID number for the login form:

  SELECT p.id, p.property_key ,ps.propertyvalue FROM propertystring ps
  JOIN propertyentry p ON ps.id = p.id WHERE p.property_key LIKE 'com.atlassian.plugins.authentication.sso.config.show-login-form';
  

• Run the SQL to update the value to true

  UPDATE propertystring SET propertyvalue = 'true' WHERE id='<from_previous_SQL>';
  

• Add the parameter -Datlassian.recovery.password=<set_password> to the JVM_SUPPORT_RECOMMENDED_ARGS
• Restart Jira

Always back up your Jira database before any direct interaction. Please see Backing up the database