Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Bitbucket infinite loop while login -- Bug

Cedrico Djahan August 22, 2019

Our architecture:  

Bitbucket server with Keycloak for SSO. 


How to reproduce the bug: 

Create a user in your Keycloak. 

Assign groups to that user that are not authorized in Bitbucket. 


Current behaviour 

While trying to login in Bitbucket, there will be an infinite redirect loop between keycloak and bitbucket that will make your browser crash. The only   solution in this case is to stop your browser.

Expeted behaviour: 
Bitbucket should simply display an error page mentioning that the user is not authorized to access bitbucket. 

I think this is a bug in Bitbucket because  basically the user is correctly authentified at this moment. So for Keycloak everything looks fine. Bitbucket maybe is thinking that the user is wrong and sends the user back to Keycloak. And keycloak obviously sends the user back to bitbucket.  In this case a simple error message mentioning that the user does not have groups or something like that should be sufficient. 
More over I've seen that after all those users are marked as "unlicensed" in bitbucket when they do already exist in Bitbucket user directory. 

Please provide us a fix for this bug. 





Log in or Sign up to comment
AUG Leaders

Atlassian Community Events