I followed the configuration steps explained at this URL https://confluence.atlassian.com/bitbucketserver/connecting-bitbucket-server-to-jira-for-user-management-776640400.html.
Even though application name and password are correctly configured, the connection test returns a 403 error. Tried to change the application name and password, but without success.
Jira access log showing the same error BitBucket UI reports:
0:0:0:0:0:0:0:1 1344x960x1 - [23/Feb/2019:22:24:03 +0900] "POST /jira/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user HTTP/1.1" 403 14024 30 "-" "Apache-HttpClient/4.5.5 (Java/1.8.0_172)" "-"
BitBucket and Jira are installed on different machines, Jira being installed behind Apache as a front-end. Application link between Jira and BitBucket status is correct, and Jira is accessible.
Is there a way to increase Jira log output to undertand why the authentication fails, or any other way to find out what is wrong?
Thanks.
Hi Rossy,
I am not on the Jira team but will try to help.
You could try setting the logging level to DEBUG by following the instructions here: https://confluence.atlassian.com/adminjiraserver/logging-and-profiling-938847671.html
I hope that helps!
Hi Martyn,
Thanks for the idea and the link!
Have not yet fixed my problem, but thanks anyway!
I tried to increase the log level for a few different components, but no extra info was logged to atlassian-jira-security.log.
For info, this are the components I increased log level to DEBUG:
There are so many different components, so I picked those that I thought related to Jira acting as an authentication server.
The only log file that provides a hint to what is happening is access_log.<date>, I suppose that Jira's catalina is refusing the access.
0:0:0:0:0:0:0:1 624x9504x1 - [26/Feb/2019:10:24:56 +0900] "POST /jira/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user HTTP/1.1" 403 14024 25 "-" "Apache-HttpClient/4.5.5 (Java/1.8.0_172)" "-"
But BitBucket is able to access the REST API as seen from this log
0:0:0:0:0:0:0:1 629x9510x1 - [26/Feb/2019:10:29:03 +0900] "GET /jira/rest/capabilities/navigation?lang=en-GB HTTP/1.1" 200 358 5 "-" "Bitbucket-6.0.0 (6000000)" "-"
0:0:0:0:0:0:0:1 629x9511x1 - [26/Feb/2019:10:29:03 +0900] "GET /jira/rest/capabilities/navigation?lang=ja-JP HTTP/1.1" 200 358 3 "-" "Bitbucket-6.0.0 (6000000)" "-"
I tried to relax the constraint on what IP addresses can access Jira User Server and even included 127.0.0.1 as Jira might see the incoming address as been the address been used by Apache front-end, but here I am, still unable to make this work.
Thanks,
Celio
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I nailed it!
access_log.<date> says that the connecting IP is 0:0:0:0:0:0:0:1, so I added ::1/128 to the list of IP addresses, and bingo!
Hope this might help people running into the same issue.
PS:
Will need to figure out how to restraint access to with Apache configuration, but this is another topic.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.