Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Crowd SSL upgrade

Balamurugan
Balamurugan January 10, 2016

After upgraded crowd from http to https not able to Login. Can see https URL in browser with valid certification details. 

looking forward with quick resolution. 

 

Thanks,

Bala

server config

 <Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="<somesystemLocation>.keystore" keystorePass="changeit" keyAlias="crowdapp" useBodyEncodingForURI="true" URIEncoding="UTF-8"/>

 

error trace in log

2016-01-11 14:53:23,532 http-bio-8443-exec-24 ERROR [crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter] Unable to unset Crowd SSO token
org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Couldn't send message.
org.codehaus.xfire.fault.XFireFault: Couldn't send message.
at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:30)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at com.sun.proxy.$Proxy360.authenticateApplication(Unknown Source)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.authenticate(SecurityServerClientImpl.java:235)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.getSoapApplicationToken(SecurityServerClientImpl.java:215)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.invalidateToken(SecurityServerClientImpl.java:326)
at com.atlassian.crowd.service.cache.CacheAwareAuthenticationManager.invalidate(CacheAwareAuthenticationManager.java:97)
at com.atlassian.crowd.integration.http.HttpAuthenticatorImpl.logoff(HttpAuthenticatorImpl.java:280)
at com.atlassian.crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter.unsuccessfulAuthentication(CrowdSSOAuthenticationProcessingFilter.java:250)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:225)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)
at com.atlassian.crowd.console.filter.CrowdDelegatingFilterProxy.doFilter(CrowdDelegatingFilterProxy.java:39)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareFilter.doFilter(StrutsPrepareFilter.java:91)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.atlassian.crowd.console.filter.LoginCsrfFilter.doFilterInternal(LoginCsrfFilter.java:47)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)
[tdcifadm@x01sdcifcrd1a logs]$ cat catalina.out | grep "14:53:23,532" -A 30 -B 3
2016-01-11 14:53:23,459 http-bio-8443-exec-24 ERROR [xfire.transport.http.HttpChannel] javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
2016-01-11 14:53:23,460 http-bio-8443-exec-24 INFO [service.soap.client.SecurityServerClientImpl] Existing application token is null, authenticating ...
2016-01-11 14:53:23,530 http-bio-8443-exec-24 ERROR [xfire.transport.http.HttpChannel] javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
2016-01-11 14:53:23,532 http-bio-8443-exec-24 ERROR [crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter] Unable to unset Crowd SSO token
org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Couldn't send message.
org.codehaus.xfire.fault.XFireFault: Couldn't send message.
at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:30)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at com.sun.proxy.$Proxy360.authenticateApplication(Unknown Source)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.authenticate(SecurityServerClientImpl.java:235)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.getSoapApplicationToken(SecurityServerClientImpl.java:215)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.invalidateToken(SecurityServerClientImpl.java:326)
at com.atlassian.crowd.service.cache.CacheAwareAuthenticationManager.invalidate(CacheAwareAuthenticationManager.java:97)
at com.atlassian.crowd.integration.http.HttpAuthenticatorImpl.logoff(HttpAuthenticatorImpl.java:280)
at com.atlassian.crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter.unsuccessfulAuthentication(CrowdSSOAuthenticationProcessingFilter.java:250)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:225)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)

 

 

Answer
Watch
Like Phill Fox likes this
1227 views

2 answers

0 votes
Guilherme V.
Guilherme V.
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 11, 2016

Hey Bala,

Your logs are showing some messages like the ones in this article. Check if applying the resolution fixes your issue.

Nevertheless, your logs mentioned your SSO. Try disabling and re-enabling.

Cheers,

Reply
0 votes
Phill Fox
Phill Fox
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 10, 2016

Hi Bala

Please raise your request with support.atlassian.com so that they can quickly assist you. This forum is for end users who may have come across your problem but would not necessarily have full access to the resources to resolve.

View More Comments
Balamurugan
Balamurugan January 10, 2016

Sure, Thanks!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events