Alright, here is my issue: After migrating migrating Confluence 6.0.1 from one server to an Amazon EC2 instance and migrating my PostgreSQL DB as well, I am able to reach the login page but all login attempts fail.
Steps taken:
1) Install Confluence on new server as a service (I have tried both 6.0.1 and 6.0.7)
2) Ensure that I can reach Confluence initial setup by navigating to localhost:8090 (default port suggested by confluence
3) Stop Confluence
4) Replace fresh home directory with home directory from server I am migrating
5) Replace server.xml with server.xml from migration server
6) edit server.xml to have appropriate host URLs
7) Start Confluence
Now, I want to note here that while I am aware that the instructions for migration say to STOP confluence on BOTH servers, but I have left Confluence running on the other server for now, as taking it down during business hours could impact my team's productivity severely.
Moving on, what do I see after following those steps?
- I am able to navigate to localhost:8090/confluence and I am presented with the Confluence page
- Every attempt to login redirects me to the same page
Attempted solutions:
- Delete Confluence directories and try again
- Reset an admin password back to "admin" and attempt to login (still redirects)
Below you will find the contents of my `atlassian-confluence.log` and `catalina.out`
2017-12-19 18:43:04,661 WARN [http-nio-8090-exec-1] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: http://sensitive.domain.com:443/confluence/rest/analytics/1.0/publish/bulk , origin: http://sensitive.domain.com:8090 , referrer: http://sensitive.domain.com:8090/confluence/login.action , credentials in request: false , allowed via CORS: false
-- referer: http://sensitive.domain.com:8090/confluence/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /confluence/rest/analytics/1.0/publish/bulk | traceId: 2e2049c5d636bd34 | userName: anonymous
2017-12-19 18:43:08,946 WARN [http-nio-8090-exec-7] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: http://sensitive.domain.com:443/confluence/rest/analytics/1.0/publish/bulk , origin: http://sensitive.domain.com:8090 , referrer: http://sensitive.domain.com:8090/confluence/login.action , credentials in request: false , allowed via CORS: false
-- referer: http://sensitive.domain.com:8090/confluence/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /confluence/rest/analytics/1.0/publish/bulk | traceId: 9ac01747cea4e262 | userName: anonymous
2017-12-19 18:50:14,871 WARN [http-nio-8090-exec-3] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: http://sensitive.domain.com:443/confluence/rest/analytics/1.0/publish/bulk , origin: http://sensitive.domain.com:8090 , referrer: http://sensitive.domain.com:8090/confluence/login.action , credentials in request: false , allowed via CORS: false
-- referer: http://sensitive.domain.com:8090/confluence/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /confluence/rest/analytics/1.0/publish/bulk | traceId: 73d8f93e2b1b752f | userName: anonymous
2017-12-19 18:50:20,412 WARN [http-nio-8090-exec-8] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: http://sensitive.domain.com:443/confluence/rest/analytics/1.0/publish/bulk , origin: http://sensitive.domain.com:8090 , referrer: http://sensitive.domain.com:8090/confluence/login.action , credentials in request: false , allowed via CORS: false
-- referer: http://sensitive.domain.com:8090/confluence/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /confluence/rest/analytics/1.0/publish/bulk | traceId: 80b5eaa20c0c730f | userName: anonymous
2017-12-19 19:00:00,041 WARN [scheduler_Worker-5] [hql.internal.ast.HqlSqlWalker] generatePositionalParameter [DEPRECATION] Encountered positional parameter near line 1, column 110 in HQL: [SELECT usr.name, usr.lowerName FROM com.atlassian.crowd.model.user.InternalUser usr WHERE usr.directory.id = ? ORDER BY usr.lowerName]. Positional parameter are considered deprecated; use named parameters or JPA-style positional parameters instead.
2017-12-19 19:05:44,550 WARN [http-nio-8090-exec-1] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: http://sensitive.domain.com:443/confluence/rest/analytics/1.0/publish/bulk , origin: http://sensitive.domain.com:8090 , referrer: http://sensitive.domain.com:8090/confluence/login.action , credentials in request: false , allowed via CORS: false
-- referer: http://sensitive.domain.com:8090/confluence/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /confluence/rest/analytics/1.0/publish/bulk | traceId: 50297206dc1ae4a7 | userName: anonymous
2017-12-19 19:20:29,564 WARN [http-nio-8090-exec-3] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: http://sensitive.domain.com:443/confluence/rest/analytics/1.0/publish/bulk , origin: http://sensitive.domain.com:8090 , referrer: http://sensitive.domain.com:8090/confluence/login.action , credentials in request: false , allowed via CORS: false
-- referer: http://sensitive.domain.com:8090/confluence/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /confluence/rest/analytics/1.0/publish/bulk | traceId: 6e36036a9a9909c9 | userName: anonymous
2017-12-19 19:21:01,344 WARN [http-nio-8090-exec-4] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: http://sensitive.domain.com:443/confluence/rest/analytics/1.0/publish/bulk , origin: http://sensitive.domain.com:8090 , referrer: http://sensitive.domain.com:8090/confluence/login.action , credentials in request: false , allowed via CORS: false
-- referer: http://sensitive.domain.com:8090/confluence/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /confluence/rest/analytics/1.0/publish/bulk | traceId: cad8fc32d74d5370 | userName: anonymous
2017-12-19 19:21:06,279 WARN [http-nio-8090-exec-7] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: http://sensitive.domain.com:443/confluence/rest/analytics/1.0/publish/bulk , origin: http://sensitive.domain.com:8090 , referrer: http://sensitive.domain.com:8090/confluence/login.action , credentials in request: false , allowed via CORS: false
-- referer: http://sensitive.domain.com:8090/confluence/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /confluence/rest/analytics/1.0/publish/bulk | traceId: 4cfda27168d59ca7 | userName: anonymous
2017-12-19 19:46:45,591 WARN [http-nio-8090-exec-10] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: http://sensitive.domain.com:443/confluence/rest/analytics/1.0/publish/bulk , origin: http://sensitive.domain.com:8090 , referrer: http://sensitive.domain.com:8090/confluence/login.action , credentials in request: false , allowed via CORS: false
-- referer: http://sensitive.domain.com:8090/confluence/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /confluence/rest/analytics/1.0/publish/bulk | traceId: c082672e501a5c0e | userName: anonymous
2017-12-19 19:49:06,276 WARN [http-nio-8090-exec-4] [common.security.jersey.XsrfResourceFilter] passesAdditionalBrowserChecks Additional XSRF checks failed for request: http://sensitive.domain.com:443/confluence/rest/analytics/1.0/publish/bulk , origin: http://sensitive.domain.com:8090 , referrer: http://sensitive.domain.com:8090/confluence/login.action , credentials in request: false , allowed via CORS: false
-- referer: http://sensitive.domain.com:8090/confluence/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /confluence/rest/analytics/1.0/publish/bulk | traceId: 0ac45407167696bf | userName: anonymous
19-Dec-2017 18:40:57.208 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8090"]
19-Dec-2017 18:40:57.224 INFO [main] org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared selector for servlet write/read
19-Dec-2017 18:40:57.227 INFO [main] org.apache.catalina.startup.Catalina.load Initialization processed in 665 ms
19-Dec-2017 18:40:57.236 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service Tomcat-Standalone
19-Dec-2017 18:40:57.236 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet Engine: Apache Tomcat/8.0.41
2017-12-19 18:40:59,604 INFO [sensitive.domain.com-startStop-1] [com.atlassian.confluence.lifecycle] contextInitialized Starting Confluence 6.0.7 [build 7104 based on commit hash 0e21dd459285e7b3b5e0deaa2193b2af8bbb7c8b]
19-Dec-2017 18:42:42.614 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8090"]
19-Dec-2017 18:42:42.631 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 105403 ms
19-Dec-2017 18:42:42.700 INFO [http-nio-8090-exec-1] org.apache.coyote.http11.AbstractHttp11Processor.process Error parsing HTTP request header
Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens
at org.apache.coyote.http11.AbstractNioInputBuffer.parseRequestLine(AbstractNioInputBuffer.java:233)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1017)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1524)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1480)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
19-Dec-2017 18:42:42.708 INFO [http-nio-8090-exec-2] org.apache.coyote.http11.AbstractHttp11Processor.process Error parsing HTTP request header
Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens
at org.apache.coyote.http11.AbstractNioInputBuffer.parseRequestLine(AbstractNioInputBuffer.java:233)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1017)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1524)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1480)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
19-Dec-2017 18:43:03.394 INFO [http-nio-8090-exec-10] com.sun.jersey.server.impl.application.WebApplicationImpl._initiate Initiating Jersey application, version 'Jersey: 1.8-atlassian-16 03/23/2015 10:20 PM'
19-Dec-2017 18:43:04.247 INFO [http-nio-8090-exec-1] com.sun.jersey.server.impl.application.WebApplicationImpl._initiate Initiating Jersey application, version 'Jersey: 1.8-atlassian-16 03/23/2015 10:20 PM'
and here is my server.xml
<Server port="8000" shutdown="SHUTDOWN" debug="0">
<Service name="Tomcat-Standalone">
<Connector port="8090"
connectionTimeout="20000"
redirectPort="8443"
maxThreads="48"
minSpareThreads="10"
enableLookups="false"
acceptCount="10"
debug="0"
URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
secure="true"
scheme="http"
proxyName="sensitive.domain.com"
proxyPort="443"/>
<Engine name="Standalone" defaultHost="sensitive.domain.com" debug="0">
<Host name="sensitive.domain.com" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false">
<Context path="/confluence" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
<!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
<Manager pathname="" />
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
</Context>
</Host>
</Engine>
<!--
To run Confluence via HTTPS:
* Uncomment the Connector below
* Execute:
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
with a password value of "changeit" for both the certificate and the keystore itself.
* Restart and visit https://localhost:8443/
For more info, see https://confluence.atlassian.com/display/DOC/Running+Confluence+Over+SSL+or+HTTPS
-->
<!--
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
protocol="org.apache.coyote.http11.Http11NioProtocol"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"
URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>"/>
-->
</Service>
</Server>
My current attempt is using 6.0.7 while migrating from 6.0.1. After writing this I am going to wipe and try again on 6.0.1.
Any help is greatly appreciated
My problem was solved: If anyone encounters this, it is complaining because you have specified in your configuration that Confluence should be accessed over SSL, and you're trying to login through http.
To solve this I installed NGINX as an internal proxy and set up a server over SSL that routed internally to confluence!
Thank you, thank you, thank you! I was installing Confluence from a chef recipe that set the secure settings to on. While I do intend to secure confluence before going into production, this was preventing us from performing an initial installation and testing setup, as I couldn't login as admin. Turning off secure fixed it.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
I installed Confluence an Jira after that I configured apache as rever-proxy.
When I type the url of confluence in the address bar of my browser and hit "Enter", the url shows :
mydomain.com/login.action?os_destination=%2Findex.action&permissionViolation=true
I don't have any problem accessing Confluence neither Jira except that message.
What could be the issue?
Thanks.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.