Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Customer cannot login to customer channel

Steffen Becker
Steffen Becker
Contributor
November 13, 2018

I can reproduce the following simplified behaviour:

  1. Jira is connected to Crowd
  2. I have a "jira-users" group in Crowd, used for Jira Software Access
  3. I have a "project-A-customer" group in Crowd
  4. I assigned "John Tester" ONLY to "project-A-customer"
  5. In Jira project A settings -> "Users and roles", I added the group "project-A-customer" to role "Service Desk Customer"
  6. In my project A permission scheme, the "Service Desk Customer - Portal Access" role do have several permissions, e.g. "Browse Projects", "Create Issues", "Assign Issues", "Add Comments", "Create Attachments", ...
  7. I go to project A customer channel and try to login with user "John Tester"
  8. Nothing happens; the progress indicator circle keeps spinning forever
  9. Now I add "John Tester" to group "jira-users"
  10. Retry login to project A customer channel
  11. login succeeded

Obviously, I DON'T want John Tester grant acces to Jira Software ("jira-users" group), only to the customer channel.

What am I doing wrong?

Answer
Watch
Like Be the first to like this
1102 views

1 answer

0 votes
Andy Heinzer
Andy Heinzer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
November 15, 2018

I'm not convinced you're actually doing anything wrong here.  You could be running into a known bug.  There are several different approaches to this problem we could take to try to troubleshoot this.

The one I am favoring towards is as follows:

  1. Remove the test account from the jira-users group, and make sure they are in the other group that has the service desk customer role for that project
  2. Try to login to the customer portal with those credentials again
  3. Generate a HAR file when trying to login.

I suggest this route because I know there exists at least two bugs in regards to Service Desk's login page not displaying any error messages when a login failure happens.  Details in

You might be running into one of these bugs, or something similar.  The HAR file should be able to capture a response from the Jira site about why the login is failing.  I suspect you might see an HTTP error code of somekind with a brief error message giving us more details.  I wish that error would appear in the web browser, where the end user can easily see it, but alas I think these existing bugs could be why we can't see the login failure here.   With that information, we should have some better understanding of why this is failing.

 

More thoughts and other possible approaches:

Using crowd here is an interesting detail.   When you integrate Crowd to handle authentication in Jira, there is a setting in the user directory configuration in Jira called 'Update group memberships when logging in'.  The options for this field are

  • For newly added users only
  • Never
  • Every time the user logs in  

My fear is that this crowd group membership might not be getting applied to this user in part because of the setting you might have here.   But this is hard to tell for sure because I don't know what your setting is here. 

The other approach you could try there, if the first doesn't work, would be to follow this KB: Unable to login to JIRA applications

It details some debug logging packages you can enable in Jira in order to get better insights from the Jira logs about why any particular user login fails in Jira.  The two differences being, authentication failed, or the user does not have authorization.   With this information we can then better try to understand where else we would need to look to troubleshoot this.

View More Comments
Steffen Becker
Steffen Becker
Contributor
November 19, 2018

Thank you!

Where should I drop the file?

(I'm not sure if I removed all sensitive data. I removed the user-password - is there something else to be removed?)

 

Regarding the KB article: It describes how to add a user as "Jira Software User" (Applications -> Application access):

In my case, this is the "jira-users" group. Maybe I have a misunderstanding: Must a user be in this group to be able to access the customer channel? Or is this group not required for customer channel access? If case 1 is true, this would explain everything.

Like
Andy Heinzer
Andy Heinzer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
November 19, 2018

I'm afraid our community site does not have the ability to attach files directly here.  You could use a service like dropbox or google drive to upload the file and then share the link with us here to take a closer look.  When we have finished you can then remove the shared file in case you have any concerns about sensitive data.   Technically a HAR file could contain a cookie about your session, but whether or not that could be exploited, I'm not sure.

 

Another thing to try here.  Instead of adding that user to a group and that group to the project role.  Try to just add this specific user account to the project role called 'Service Desk Customers', and then see if they can login to the customer portal.

You are correct that your jira-users group is likely being used to grant application access to licensed users and that service desk customers (unlicensed users) should not belong to this group.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Management
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security