Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Can't access Crowd from servers other than localhost

I have installed Crowd 2.2.2 on a test server ( and restored to it the XML backup from my production server ( The problem I'm having is that Crowd works perfectly when accessed from a browser on the local machine. I can authenticate via the URLs OR http://localhost/crowd:8095/console. What I can't do is access the Crowd server from any other machine. Requests simply time out. I have been assured by IT that port 8095 is open and is not being blocked by the network config.

I found a reference in CWD-2315 that imples that the problem lies with the cwd_application_address table still pointing to the production Crowd server (

The database on the test server shows the following:

mysql> select * from cwd_application_address where application_id = 3;
| application_id   | remote_address           | remote_address_binary | remote_address_mask |
|              3   |             | Ckovdg==              |                   0 |
|              3   |                | fwAAAQ==              |                   0 |
|              3   | localhost                | NULL                  |                   0 |
|              3   | | NULL                  |                   0 |

If I read the above correctly, I should update the cwd_application_address table on with an entry for the test server:

mysql> insert into cwd_application_address values ("3","","TBD TBD TBD","0");

I hesitate to start fooling with the database directly, but there's a certain amount of logic there. Has anyone else faced this problem and is this solution logical?

2 answers

1 accepted

1 vote
Answer accepted

D'oh! The solution had nothing to do with Crowd. The problem was that the Linux firewall was enabled and didn't have ports 8095 or 8080 open. I opened the ports and problem solved.

Hi, can you please explain what is failing? Can you access the Crowd URL from outside? If you can't even get to the Crowd URL and get any web page to display - this is definitely a network/connectivity/firewall issue somewhere within your network.

If you can but it fails to login, then it will potentially have to do with the remtoe address. Since you can login locally, I believe you can change this within the Crowd interface. Crowd authentication is itself an application within Crowd and there is a section to enter any remote addresses / interfaces.

From localhost the Crowd UI will serve. I can log in, make changes, et cetera. From any other machine if I try to open the Crowd UI the request simply times out.

I have also tried moving Crowd from port 8095 to port 8080 in order to test whether port 8095 really is blocked (despite assurances from IT). Instructions are located here. That brings with it a whole raft of other problems, as the Crowd app will serve on localhost:8080 but attempts to log in fail.

Log sample from login error (truncated):

2012-09-26 17:00:19,375 http-8080-2 ERROR [xfire.transport.http.HttpChannel] Connection refused
27 2012-09-26 17:00:19,377 http-8080-2 INFO [service.soap.client.SecurityServerClientImpl] Existing application token is null, authenticating ...
28 2012-09-26 17:00:19,379 http-8080-2 ERROR [xfire.transport.http.HttpChannel] Connection refused
29 2012-09-26 17:00:19,379 http-8080-2 ERROR [crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter] Unable to unset Crowd SSO token
30 org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Couldn't send message.

Hi, if it will work on 8080 and 8095, that means that port or something to do with the port is blocked somewhere.

It should work on 8080 after correctly making the change. Can you attach the full log?

Attached is a logfile sample from the failed attempt to log in. The root logger is set to debug, so it's a bit large. I can provide the log from server startup if that's more illuminating. One thing that's clear (and very odd) is that while I've tried to root out any config file that uses port 8095, the server still won't really move there. The GUI will serve on 8080 but the logfiles still have entries mentioning port 8095.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Jira Service Management

Jira Service Management Documentation Opportunities

Hello everyone, Hope everyone is safe! A few months ago we posted an article sharing all the new articles and documentation that we, the AMER Jira Service Management team created. As mentioned ...

222 views 0 6
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you