-
Suggestion
-
Resolution: Unresolved
-
Low
-
None
-
4.3.0
-
None
Problem Definition
It would be nice if we could display the cause of the authentication failure to users so they know why they are unable to log in to the application. I'm not referring to stack traces as they might not be very helpful to end users – which can be turned on using the -Datlassian.darkfeature.atlassian.authentication.include.stacktrace.in.error.messages=true flag – but rather a short and meaningful message that informs users what went wrong and doesn't force them to reach out to a Bamboo admin to find the error message in the logs using the error identifier provided in the page.
In most cases the message users will get when the authentication fails is pretty generic and will look like this:
In this example, the actual reason behind the failure was a problem in Crowd (Bamboo was connected to Crowd to sync users, groups and memberships):
Error from Crowd server propagated to here via REST API (check the Crowd server logs for details): User is not allowed to authenticate with the application
The authentication was going out to an Identity Provider and there was nothing wrong there. The problem was that the groups the user belonged to were not allowed to authenticate against this application inside Crowd (Applications > $application_name > Directories & groups).
Suggested Solution
Display the reason/ cause (and not the entire stack trace) in the UI regardless of the dark feature.
- relates to
-
- Gathering Interest