Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Unable to login to internal directory user

dchisholm
dchisholm June 28, 2012

I'm running Confluence with Crowd in an SSO configuration, and I cannot login to a user that I created in the Confluence internal directory.

The internal directory is listed first in the directory order, and I've confirmed that the user was created in the internal directory. When I try to login, the UI says the username/password is invalid, but the logs say:

WARN [atlassian.seraph.auth.DefaultAuthenticator] login login : 'internaluser' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.

I have verified that this user is a member of both the confluence-user (doesn't this enable USE?) and confluence-admin groups.

I'm running Confluence 4.2 and Crowd 2.4.

How do I fix this?

Answer
Watch
Like # people like this
9596 views

3 answers

1 accepted

8 votes
Answer accepted
Colin Goudie
Colin Goudie
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 28, 2012

You can't. When SSO is enabled you MUST log in via a Crowd user.

This changed back I think when they added embedded crowd to Confluence

View More Comments
dchisholm
dchisholm June 28, 2012

But then it's not possible to edit any properties of the Crowd directory since it's in-use by your active login account.

I want to keep a local admin directory in the internal directory which I can then use to edit the Crowd directory settings.

Is the solution to switch out the SSO authenticator with the default one whenever I need to use the internal directory?

Like
Colin Goudie
Colin Goudie
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 28, 2012

Yeah pretty much, you disable the SSO authenticator in seraph-config.xml and reboot, do the fixes, and revert, reboot. Very annoying.

I was trying to find the small clause in the documentation that says this but can't find it now. If I find it I'll post it here

Like
j
j October 7, 2014

it's been taking long time to fix this problem for me. I disabled SSO and finally I can login with a internal account !!

Like
Sebastian Kouba
Sebastian Kouba June 26, 2018

Saying this is ridiculous is an inderstatement. So if I need to make changes to my crowd directory I have to:

- disable sso

- restart jira

- make the changes

- enable sso

- restart jira?

Come on. Those are supposed to be integrated tools by the same vendor!

Like
Lari Peltokangas
Lari Peltokangas June 6, 2019

You can just change the url to the crowd directorys edit page to still edit it. 

right click the "synchronise" link

--> copy url

(example https://confluenceurl.com/plugins/servlet/embedded-crowd/directories/sync?directoryId=xxxxxxx&atl_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)

--> change "sync" to "edit"

--> profit

Like # people like this
christopher.sentman
christopher.sentman June 11, 2019

Worked for me (v.6.5.0)!  Thanks Lari!

Like
Reply
2 votes
Colin Goudie
Colin Goudie
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 28, 2012

Here it is, on this page

https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+Confluence


It is possible to define multiple user directories in Confluence. However, if you enable SSO integration, you will only be able to authenticate as users from the Crowd server defined in the crowd.properties file.
View More Comments
Colin Goudie
Colin Goudie
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 28, 2012

Yeah, I wouldn't call it a feature

Like
dchisholm
dchisholm June 28, 2012

Thanks Collin. Not the answer I hoped for, but at least I can quit searching.

Like
Topher dailing
Topher dailing September 21, 2012

would this also affect my ability to add users to a newly created group in confluence? cuz i cant add users to groups now.

Like
Reply
0 votes
Bryan Stephenson
Bryan Stephenson February 4, 2019

What worked for one of my users getting this log message was clearing the browser cache and killing all browser process instances, then starting a fresh browser process. The error no longer occurred.

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events