Administrator Access

Hi!

I have got annoyed message:

"Administrator Access

If you were sent to this page from a link obtained from an untrusted source please proceed with caution or validate the link source before continuing.

You have requested access to an administrative function in JIRA and are required to validate your credentials below."

When i work in administration panel, i get this message all the time... like, 1-2 pages and then this message... in different parts just this message.

Jira and confluence... (https access)

4 answers

1 accepted

If the JIRA and Confluence running on the same box with different port numbers? If that is the case, the cookies will get overwritten when you switch between the apps. This is normal as cookies are site specific not port specific. To prevent this, either have a proxy in front of the apps (1) or set contexts for the apps (2). If both are not possible, you need to use two browsers to prevent his overwriting.

    1. https://confluence.atlassian.com/display/JIRA/Integrating+JIRA+with+Apache
    2. https://confluence.atlassian.com/display/JIRAKB/User+is+Logged+Out+of+JIRA+after+Confluence+Login

Yes, TY for a good explanation!

2 votes

I think this pages could help to solve your question. https://confluence.atlassian.com/display/JIRA044/Configuring+Secure+Administrator+Sessions

Regards, John

Yes, i've read it before:

"The temporary secure session has a rolling timeout (defaulted to 10 minutes). If there is no activity by the administrator in the JIRA administration screens for a period of time that exceeds the timeout, then the administrator will be logged out of the secure administrator session (note that they will remain logged into JIRA). If the administrator does click an administration function, the timeout will reset."

So it's much less then 10 minutes by default... it's less then 10 seconds.

It defaults to ten minutes on a plain install, but could someone at your place have changed it?

It also sounds like there may be something wrong on the browser side - can you try a different browser to rule that out?

Yes, i'll try another one... and on another OS.

And i've found that i have opened Jira & confluence on different tabs... and when i change tab (from jira to confluence or confluence to jira) on any action i need to enter password and got "Administrator Access" message.

add:

Yep, windows 7 with IE the same like on ubuntu with firefox.

I have the same problem (ever since I upgraded to JIRA 6). But in my case, I don't have to switch between tabs -- all I have to do is open Confluence in another tab, and suddenly all of my JIRA administrative functions require authentication on every step.

Exactly the same problem I am having:

If I am logged in only to JIRA, it seems to work just fine. If I log into Confluence, it seems to, at every link click within the admin interface, request that password again. If I go to the JIRA tab, it does the same thing.

If I only have Confluence logged in, it still has an issue sometimes Maybe the fact that the cookie causing the problem from before never got cleared? Or, maybe it's just that the Confluence authentication through JIRA isn't working quite the same as if it were through crowd, etc.?

This is the perfect example:

Example

I have already entered the administrator password a second time to confirm my desire to actually elevate my privileges (Note the bar across the top). However, these tabs all are asking for them again.

Finally, if I click on Application Details and then click Update, it redirects me to the Confluence login page again (mind you, I haven't changed anything else since I've opened this window up). Then, once I log in, I have to reaffirm the Administrator Access. Once I do that, it takes me back to this page, but obviously without the popup window open.

When multiple applications are configured on the same domain with separate ports, users will be constantly logged out of each application as the {{SESSION_COOKIE_NAME}} is identical.

This is due to the Tomcat configuration. Please alter the default bundled Tomcat 7 config so that it has a unique JIRA session cookie by modifying the {{$JIRA_INSTALL/conf/context.xml}} to the following (or something similar):

{code:xml}
<Context sessionCookieName ="JIRASESSIONID">
{code}

This will prevent users from getting into this problem in the first place.

Additional workarounds can be found within User is Constantly Logged out of JIRA.

 

A suggestion ticket was raised : https://jira.atlassian.com/browse/JRA-36960

I think this is also causing the WebSudo error on Project creation if you have JIRA and Confluence on the same box.


Ref:

https://answers.atlassian.com/questions/239752/error-creating-project-401this-resource-requires-websudo

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Posted Jul 10, 2018 in Confluence

We want to see the templates you've created in Confluence!

Hi Community, Jessica here from the Confluence Product Marketing team!  July’s community challenge is all about sharing pictures  — and as an extension of our first post on what ...

613 views 21 11
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you