  1. Jira Software Data Center
  2. JSWSERVER-26010

Improve session handling for Jira + OIDC


    • Type: Suggestion
    • Resolution: Unresolved
    • Data Center

      Problem Definition

      When integrating Jira with an SSO solution like OIDC, some users might need to log in and log out frequently, for example to perform admin tasks and then perform validations as a regular user.

      Currently, if a user logs in, logs out shortly afterwards using the "Log out" button from the profile icon at the top right of the screen, and then tries to log back in a second time, an error is displayed, and the application logs show an error like this:

      ERROR anonymous 619x2187x1 nar2j7 xx.xx.x.x,xx.xx.xx.xxx /plugins/servlet/oidc/callback [c.a.p.a.i.web.filter.ErrorHandlingFilter] [UUID: 77f49aee-452f-4fab-a3fb-b63c60ad9d7e] Unknown state in response
      com.atlassian.plugins.authentication.impl.web.usercontext.AuthenticationFailedException: Unknown state in response
      	at com.atlassian.plugins.authentication.impl.web.oidc.OidcConsumerServlet.lambda$doGet$0(OidcConsumerServlet.java:113)
      	at java.base/java.util.Optional.orElseThrow(Optional.java:408)
      	at com.atlassian.plugins.authentication.impl.web.oidc.OidcConsumerServlet.doGet(OidcConsumerServlet.java:113)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:529)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
      	at com.atlassian.plugin.servlet.DelegatingPluginServlet.service(DelegatingPluginServlet.java:37)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
      	at com.atlassian.plugin.servlet.ServletModuleContainerServlet.service(ServletModuleContainerServlet.java:49)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
      	... 48 filtered
      	at com.atlassian.jira.plugin.mobile.web.filter.MobileAppRequestFilter.doFilter(MobileAppRequestFilter.java:59)
      	... 4 filtered
      	at com.atlassian.jira.plugin.mobile.login.MobileLoginSuccessFilter.doFilter(MobileLoginSuccessFilter.java:54)
      	... 3 filtered
      	at com.atlassian.diagnostics.internal.platform.monitor.http.HttpRequestMonitoringFilter.doFilter(HttpRequestMonitoringFilter.java:54)
      	... 8 filtered
      	at com.atlassian.plugins.authentication.impl.web.filter.ErrorHandlingFilter.doFilterInternal(ErrorHandlingFilter.java:79)
      	at com.atlassian.plugins.authentication.impl.web.filter.AbstractJohnsonAwareFilter.doFilter(AbstractJohnsonAwareFilter.java:29)
      

      This error is highlighted in the article "Configuring OIDC using the Atlassian SSO for Data Center App in Jira".

      The suggestion there is to close the browser window and try again.

      Suggested Solution

      Any other approach that avoids having to close the browser window while still being able to log in to Jira.

      Why This Is Important

      It will help because closing the browser is not always possible, as it can be disruptive to the task at hand or to internal procedures.

      Workaround

      No workaround has been found

            Assignee: Unassigned
            Reporter: Diego Moreno