We recently dockerized our jira and have been receiving this error after going docker. We are using okta as our sso. Does anyone have any suggestions on how to fix this?
2020-04-16 04:42:11,806 http-nio-8080-exec-15 url:/okta_login.jsp anonymous 282x12707127x3 1gh6lah 103.5.135.35:64469 /okta_login.jsp The user '******' has FAILED authentication. Failure count equals 1
2020-04-16 08:37:17,912 http-nio-8080-exec-100 url:/rest/gadget/1.0/login anonymous 517x31390x2 8eqgs0 85.90.235.164:52888 /rest/gadget/1.0/login The user '*****' has FAILED authentication. Failure count equals 1
2020-04-16 16:33:08,293 http-nio-8080-exec-56 url:/rest/api/latest/issue/SGC-18246 anonymous 993x779677x5 - 78.9.182.146:37870 /rest/api/latest/issue/SGC-18246 The user '*****' has FAILED authentication. Failure count equals 2
This feels like it would be a real good one to start banging your head on the desk. I haven't seen this and my oktavation is just getting started so I may be of limited help. However:
I have been containerized on AWS using ECS as my run environment for a couple of years now. I normally don't find things that hard to integrate but can be a bit tricky from time to time. From the looks of the error message, you are doing the native okta integration as presented by the "application" SAML configuration in the okta console (okta_login.jsp gave it away to me). I did the hard coded variant as presented on their page and it did actually work. Where I am falling down is that, since I have built completely stateless and location agnostic images, I am trying to have the okta integration work the same way. That aside, since it did work for me when hardcoded as it were, I would start to check to see if you have enough ports and/or port forwarding configured.
Total stab in the dark but might get there; ports and connection into the container are often a fussy thing.
I'm don't think my issue is with the ports and connection to the container, they seem to be configured properly. We have our customized docker image with okta and jira integration running on Azure and the request point to Application gateway.
Before moving to docker, our Jira was running on an on-prem server and the URL had port 8443 (jira.*****.com:8443) but when migrating to Azure, our port 8443 is listening on Application Gateway and we have a redirect rule to open up only with domain. (jira.*****.com)
Also, we have Crowd setup which is integrated with okta.
I hope this helps and clarifies our setup a bit more. Any other suggestion would be greatly appreciated!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.