Crowd 2.7.0 crashes when running behind Apache mod_proxy with SSL

Christian Schlaefcke
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 25, 2013

Hi,

I just upgraded to crowd 2.7.0 and encounter a strange problem since that.

When I start crowd everything looks fine. When I access the crowd web interface I can log in and browse the different sections (applications, directories, etc.). When I enter the details of a certain section (e.g. the crowd-application in the applications section) the browser requests hangs and ends up in a "502 Proxy Error".

The logs are quite noiseless about this:

*********************************************************************************************
*
*  You can now use the Crowd server by visiting https://atlasapps.myhost.net/crowd
*
*********************************************************************************************

2013-09-26 17:11:15,105 localhost-startStop-1 INFO [ContainerBase.[Catalina].[localhost].[/crowd]] org.tuckey.web.filters.urlrewrite.UrlRewriteFilter INFO: loaded (conf ok)

==> /opt/atlassian/data/crowd/logs/atlassian-crowd.log <==
2013-09-26 17:11:15,105 localhost-startStop-1 INFO [ContainerBase.[Catalina].[localhost].[/crowd]] org.tuckey.web.filters.urlrewrite.UrlRewriteFilter INFO: loaded (conf ok)

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.2013-09-26.log <==
Sep 26, 2013 5:11:15 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /opt/atlassian/inst/crowd-2.7.0/apache-tomcat/webapps/ROOT

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.out <==
Sep 26, 2013 5:11:15 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory /opt/atlassian/inst/crowd-2.7.0/apache-tomcat/webapps/ROOT

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.2013-09-26.log <==
Sep 26, 2013 5:11:15 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8095"]

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.out <==
Sep 26, 2013 5:11:15 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8095"]

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.2013-09-26.log <==
Sep 26, 2013 5:11:15 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 45471 ms

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.out <==
Sep 26, 2013 5:11:15 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 45471 ms
2013-09-26 17:12:01,242 http-bio-8095-exec-2 INFO [service.soap.client.SecurityServerClientImpl] Existing application token is null, authenticating ...

==> /opt/atlassian/data/crowd/logs/atlassian-crowd.log <==
2013-09-26 17:12:01,242 http-bio-8095-exec-2 INFO [service.soap.client.SecurityServerClientImpl] Existing application token is null, authenticating ...

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.out <==
2013-09-26 17:12:01,414 http-bio-8095-exec-5 INFO [ContainerBase.[Catalina].[localhost].[/crowd]] Initializing Spring FrameworkServlet 'xfire'

==> /opt/atlassian/data/crowd/logs/atlassian-crowd.log <==
2013-09-26 17:12:01,414 http-bio-8095-exec-5 INFO [ContainerBase.[Catalina].[localhost].[/crowd]] Initializing Spring FrameworkServlet 'xfire'

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.out <==
2013-09-26 17:12:01,482 http-bio-8095-exec-5 WARN [beans.factory.config.CustomEditorConfigurer] Passing PropertyEditor instances into CustomEditorConfigurer is deprecated: use PropertyEditorRegistrars or PropertyEditor class names instead. Offending key [org.codehaus.xfire.service.ServiceFactory; offending editor instance: org.codehaus.xfire.spring.editors.ServiceFactoryEditor@33279683

==> /opt/atlassian/data/crowd/logs/atlassian-crowd.log <==
2013-09-26 17:12:01,482 http-bio-8095-exec-5 WARN [beans.factory.config.CustomEditorConfigurer] Passing PropertyEditor instances into CustomEditorConfigurer is deprecated: use PropertyEditorRegistrars or PropertyEditor class names instead. Offending key [org.codehaus.xfire.service.ServiceFactory; offending editor instance: org.codehaus.xfire.spring.editors.ServiceFactoryEditor@33279683

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.out <==
2013-09-26 17:12:02,996 http-bio-8095-exec-2 INFO [service.soap.client.SecurityServerClientImpl] Created new application token: nSk4ZyZKM0uQN2dMQr7NCg00

==> /opt/atlassian/data/crowd/logs/atlassian-crowd.log <==
2013-09-26 17:12:02,996 http-bio-8095-exec-2 INFO [service.soap.client.SecurityServerClientImpl] Created new application token: nSk4ZyZKM0uQN2dMQr7NCg00

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.out <==
2013-09-26 17:13:36,950 http-bio-8095-exec-22 ERROR [xfire.transport.http.HttpChannel] Server returned error code = 502 for URI : https://atlasapps.myhost.net/crowd/services/SecurityServer. Check server logs for details

==> /opt/atlassian/data/crowd/logs/atlassian-crowd.log <==
2013-09-26 17:13:36,950 http-bio-8095-exec-22 ERROR [xfire.transport.http.HttpChannel] Server returned error code = 502 for URI : https://atlasapps.myhost.net/crowd/services/SecurityServer. Check server logs for details

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.out <==
2013-09-26 17:13:36,953 http-bio-8095-exec-10 ERROR [xfire.transport.http.HttpChannel] Server returned error code = 502 for URI : https://atlasapps.myhost.net/crowd/services/SecurityServer. Check server logs for details

==> /opt/atlassian/data/crowd/logs/atlassian-crowd.log <==
2013-09-26 17:13:36,953 http-bio-8095-exec-10 ERROR [xfire.transport.http.HttpChannel] Server returned error code = 502 for URI : https://atlasapps.myhost.net/crowd/services/SecurityServer. Check server logs for details

==> /opt/atlassian/inst/crowd/apache-tomcat/logs/catalina.out <==
2013-09-26 17:13:38,921 http-bio-8095-exec-16 ERROR [xfire.transport.http.HttpChannel] Server returned error code = 502 for URI : https://atlasapps.myhost.net/crowd/services/SecurityServer. Check server logs for details

==> /opt/atlassian/data/crowd/logs/atlassian-crowd.log <==
2013-09-26 17:13:38,921 http-bio-8095-exec-16 ERROR [xfire.transport.http.HttpChannel] Server returned error code = 502 for URI : https://atlasapps.myhost.net/crowd/services/SecurityServer. Check server logs for details

I already searched at the available Atlassian resources and google indeed - unfortunately without success :-(

Any help would be very appreciated!

Regards,

Christian

1 answer

1 accepted

3 votes
Answer accepted
Jobin Kuruvilla [Adaptavist]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
October 26, 2013

There are some known issues with Crowd 2.7 when tokens are stored in database. See https://jira.atlassian.com/browse/CWD-3697 and related tickets.

The workaround is to store them in memory. See https://confluence.atlassian.com/display/CROWD/Session+Configuration#SessionConfiguration-token

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events