Uploaded image for project: 'SAML for Atlassian Data Center'
  1. SAML for Atlassian Data Center
  2. SAMLDC-95

Upgrading SSO for Atlassian Data Center plugin breaks SAML log in page when there is a Johnson warning

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Low Low
    • 3.2.8, 4.0.12, 4.1.11, 4.2.6
    • 4.1.0, 3.2.7, 4.0.11, 4.1.9, 4.2.5
    • SSO
    • None

      Issue Summary

      Upgrading SSO for Atlassian Server and Data Center to version 4.2.5 will not provide users with the option to Log in with IDP when there is a Johnson warning.

      Steps to Reproduce

      1. Upgrade the SSO for Atlassian Server and Data Center to version 4.2.5 at the instance which has recommendation issues (Johnson warning)
      2. Access Jira and click on the "Log In" button on the top right

      Another example for Jira 8.13:

      1. Install a fresh Jira SW DC 8.13.10 instance.
      2. Once the install is complete, configure JVM heap as below in setenv.sh file - this is to create a Johnson warning. 
        JVM_MINIMUM_MEMORY="312m"
JVM_MAXIMUM_MEMORY="2048m"
      3. Restart Jira.
      4. With the Atlassian Authentication App version 4.1.1 (bundled with Jira 8.13.10), configure SAML SSO with any IdP as the primary authentication method.
      5. Try to authenticate on Jira and notice that clicking on the Login button redirects you to the IdP for authentication.
      6. Upgrade the Atlassian Authentication App to version 4.1.10.
        • Trying the SSO authentication (after the upgrade) through the Login button no longer redirects the user to the IdP and shows only the authentication form.

      Expected Results

      There will be an option to log in with IDP or internal directory

      Actual Results

      No longer possible to log in via IDP. Only Product login form option provided.

      Workaround

      Workaround 1

      Dismiss warnings:
      Go to <Jira Base URL>/secure/errors.jsp and dismiss any error/warning on that page – see an example below.

      This might be needed at any time a node restarted or started for the first time.

      If the above doesn't help, then downgrade the Atlassian SSO App to one of the following versions: 3.2.6, 4.0.10, 4.1.7, 4.2.4 .


      Workaround 2

      Downgrade the SSO for Atlassian Data Center plugin to version 3.2.6, 4.0.10, 4.1.7, 4.2.4

      1. Go to the manage apps page
      2. Select all apps and search for "SSO for Atlassian Data Center"
      3. Uninstall this app.
      4. Download SSO for Atlassian Server and Data Center version 4.2.4
      5. Upload this app from the Manage apps page ( the Upload app button )

      Although it shows incompatible, it will work -

      1. With both authentications enabled - 2021-09-13_22-50-51.mp4
      2. With Product login form is disabled - 2021-09-13_22-52-12.mp4

      Notes

      If the Product login form is disabled, the login gadget will not be displayed on the dashboard. However, when clicking on "Log in" it will be visible there but the IDP login option will still not be visible.
      2021-09-13_22-47-40.mp4

        1. screenshot-4.png
          screenshot-4.png
          253 kB
        2. screenshot-3.png
          screenshot-3.png
          294 kB
        3. screenshot-2.png
          screenshot-2.png
          311 kB
        4. screenshot-1.png
          screenshot-1.png
          199 kB
        5. image-2021-09-13-17-17-11-140.png
          image-2021-09-13-17-17-11-140.png
          259 kB
        6. image-2021-09-13-17-16-33-830.png
          image-2021-09-13-17-16-33-830.png
          163 kB
        7. image-2021-09-13-17-14-40-403.png
          image-2021-09-13-17-14-40-403.png
          300 kB
        8. 2021-09-13_22-52-12.mp4
          439 kB
        9. 2021-09-13_22-50-51.mp4
          414 kB
        10. 2021-09-13_22-47-40.mp4
          343 kB

            07f034cb6f52 Daniel Serkowski
            astephen@atlassian.com Adrian Stephen
            Votes:
            9 Vote for this issue
            Watchers:
            32 Start watching this issue

              Created:
              Updated:
              Resolved: