Log in to crowd console -> Invalid login

Thank you Bruno Vincent for your help.

I(or a colleague) had no bad password attempts between last successful and today for this user.
table cwd_user_attribute 
 requiresPasswordChange : false
 invalidPasswordAttempts : 0 

But for sure: I've updated the database(MSSQL) table 'cwd_user' -> my internal user with the hash(atlassian-security) value for password 'admin' like in your documentation link. Restarted service crowd and still "invalid login" now with password 'admin'.


Then i've checked the tables / entry's listed under section 'If No Local Users Exist' and compared it with my actual entrys. Cannot found differences with the execption of id-numbers and username. 

My last action before the "invalid login" event was yesterday to setup ssl/https for jira/confluence/bitbucket. But only on this 3 services, no changes in crowd. Could this be a side effect from ssl? But in my understanding has this nothing to do with each other.
 

You wrote you already checked the atlassian-crowd.log file. Did you also check what you get in apache-tomcat/logs/catalina.out?

Ok, in ..\Crowd\3.1.2\apache-tomcat\logs\catalina.2018-04-27.log(and older) was an error ...

26-Apr-2018 07:36:58.805 WARNING [main] org.apache.catalina.core.AprLifecycleListener.init The APR based Apache Tomcat Native library failed to load. The error reported was [C:\..\Atlassian\Application\Crowd\3.1.2\apache-tomcat\bin\tcnative-1.dll: Can't load IA 32-bit .dll on a AMD 64-bit platform]

Here is an workaround/solution for that: https://jira.atlassian.com/browse/CWD-4869?page=com.atlassian.jira.plugin.system.issuetabpanels%3Achangehistory-tabpanel

Like described here, i've replaced the installed 32Bit tcnative-1.dll with the 64Bit one, restarted the crowd service and now it works. Successful login is possible again! :-)

The error was from the beginning -crowd installingdate- in 02/2018 in the logfile but in the past had this no negative effect. Logins were working fine. And now, after some time was this a problem?

Another cause could be the replacing of two files in two JAVA-Dirs this week:
...\Java\jdk1.8.0_152\jre\lib\security\policy\
...\Java\jre1.8.0_152\lib\security\policy\
local_policy.jar
US_export_policy.jar
(Its JAVA Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files)

It was necessary to load SSL keypairs into the JAVA keystore for using https in JIRA/Confluence/Bitbucket. And maybe this jars and tcnative-1.dll are also used for the crowd credentials -> hash-code atlassian-security??? But its only speculation...

Thank you very much.

Hi @Saxess Software GmbH

Thanks for letting us know about the resolution of that issue.

FYI you might want to upgrade to JDK 1.8.0_161 as unlimited cryptography is enabled by default from that version so you don't need to replace jar files anymore: http://www.oracle.com/technetwork/java/javase/8u161-relnotes-4021379.html#JDK-8170157

You might also want to upgrade to Crowd 3.2 which bundles both 32 and 64 bit Tomcat binaries: https://confluence.atlassian.com/crowd/installing-crowd-and-crowdid-191862.html#InstallingCrowdandCrowdID-2.InstallCrowd

(Please see the paragraph titled 'Installing Crowd on Windows with 64-bit JVM')

Thank you for your Information!