SAML for Atlassian Data Center / SAMLDC-108

Display the cause of the SAML authentication failure to users

    • Type: Suggestion
    • Resolution: Unresolved
    • Priority: Low
    • None
    • 4.3.0
    • SSO
    • None

      Problem Definition

      It would be nice if we could display the cause of the authentication failure to users so they know why they are unable to log in to the application. I'm not referring to stack traces as they might not be very helpful to end users – which can be turned on using the -Datlassian.darkfeature.atlassian.authentication.include.stacktrace.in.error.messages=true flag – but rather a short and meaningful message that informs users what went wrong and doesn't force them to reach out to a Bamboo admin to find the error message in the logs using the error identifier provided in the page.

      In most cases the message users will get when the authentication fails is pretty generic and will look like this:

      [Screenshot: Screenshot 2022-02-25 at 14.00.31.png]

      In this example, the actual reason behind the failure was a problem in Crowd (Bamboo was connected to Crowd to sync users, groups and memberships):

      Error from Crowd server propagated to here via REST API (check the Crowd server logs for details): User is not allowed to authenticate with the application
      

      The authentication was going out to an Identity Provider and there was nothing wrong there. The problem was that the groups the user belonged to were not allowed to authenticate against this application inside Crowd (Applications > $application_name > Directories & groups).

      Suggested Solution

      Display the reason/cause (and not the entire stack trace) in the UI regardless of the dark feature.

            [SAMLDC-108] Display the cause of the SAML authentication failure to users

            Owen made changes -
            Workflow Original: SAMLDC Workflow v2 [ 4262176 ] New: JAC Suggestion Workflow 3 [ 4271276 ]
            Status Original: Open [ 1 ] New: Gathering Interest [ 11772 ]
            Bruno Rosa made changes -
            Summary Original: Display the cause of the authentication failure to users New: Display the cause of the SAML authentication failure to users
            Bruno Rosa made changes -
            Link New: This issue relates to BAM-21625 [ BAM-21625 ]
            Bruno Rosa created issue -

              ppetrowski Patryk
              brosa Bruno Rosa
              Votes: 1
              Watchers: 1