Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Groups
Explore all groups
Community resources

Crowd SSL upgrade

Balamurugan
Balamurugan Jan 10, 2016

After upgraded crowd from http to https not able to Login. Can see https URL in browser with valid certification details. 

looking forward with quick resolution. 

 

Thanks,

Bala

server config

 <Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="<somesystemLocation>.keystore" keystorePass="changeit" keyAlias="crowdapp" useBodyEncodingForURI="true" URIEncoding="UTF-8"/>

 

error trace in log

2016-01-11 14:53:23,532 http-bio-8443-exec-24 ERROR [crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter] Unable to unset Crowd SSO token
org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Couldn't send message.
org.codehaus.xfire.fault.XFireFault: Couldn't send message.
at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:30)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at com.sun.proxy.$Proxy360.authenticateApplication(Unknown Source)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.authenticate(SecurityServerClientImpl.java:235)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.getSoapApplicationToken(SecurityServerClientImpl.java:215)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.invalidateToken(SecurityServerClientImpl.java:326)
at com.atlassian.crowd.service.cache.CacheAwareAuthenticationManager.invalidate(CacheAwareAuthenticationManager.java:97)
at com.atlassian.crowd.integration.http.HttpAuthenticatorImpl.logoff(HttpAuthenticatorImpl.java:280)
at com.atlassian.crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter.unsuccessfulAuthentication(CrowdSSOAuthenticationProcessingFilter.java:250)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:225)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)
at com.atlassian.crowd.console.filter.CrowdDelegatingFilterProxy.doFilter(CrowdDelegatingFilterProxy.java:39)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareFilter.doFilter(StrutsPrepareFilter.java:91)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.atlassian.crowd.console.filter.LoginCsrfFilter.doFilterInternal(LoginCsrfFilter.java:47)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)
[tdcifadm@x01sdcifcrd1a logs]$ cat catalina.out | grep "14:53:23,532" -A 30 -B 3
2016-01-11 14:53:23,459 http-bio-8443-exec-24 ERROR [xfire.transport.http.HttpChannel] javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
2016-01-11 14:53:23,460 http-bio-8443-exec-24 INFO [service.soap.client.SecurityServerClientImpl] Existing application token is null, authenticating ...
2016-01-11 14:53:23,530 http-bio-8443-exec-24 ERROR [xfire.transport.http.HttpChannel] javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
2016-01-11 14:53:23,532 http-bio-8443-exec-24 ERROR [crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter] Unable to unset Crowd SSO token
org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Couldn't send message.
org.codehaus.xfire.fault.XFireFault: Couldn't send message.
at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:30)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at com.sun.proxy.$Proxy360.authenticateApplication(Unknown Source)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.authenticate(SecurityServerClientImpl.java:235)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.getSoapApplicationToken(SecurityServerClientImpl.java:215)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.invalidateToken(SecurityServerClientImpl.java:326)
at com.atlassian.crowd.service.cache.CacheAwareAuthenticationManager.invalidate(CacheAwareAuthenticationManager.java:97)
at com.atlassian.crowd.integration.http.HttpAuthenticatorImpl.logoff(HttpAuthenticatorImpl.java:280)
at com.atlassian.crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter.unsuccessfulAuthentication(CrowdSSOAuthenticationProcessingFilter.java:250)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:225)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)

 

 

Answer
Watch
Like 1 person likes this

2 answers

0 votes
Phill Fox
Phill Fox Jan 10, 2016

Hi Bala

Please raise your request with support.atlassian.com so that they can quickly assist you. This forum is for end users who may have come across your problem but would not necessarily have full access to the resources to resolve.

View More Comments
Balamurugan
Balamurugan Jan 10, 2016

Sure, Thanks!

Like
Reply
0 votes
Guilherme Viana
Guilherme Viana Atlassian Team Jan 11, 2016

Hey Bala,

Your logs are showing some messages like the ones in this article. Check if applying the resolution fixes your issue.

Nevertheless, your logs mentioned your SSO. Try disabling and re-enabling.

Cheers,

Reply

Suggest an answer

Log in or Sign up to answer
Community showcase
Emilee Spencer
Emilee Spencer
Published Friday in Jira Service Desk

Are you a Jira Service Desk agent? We want to talk to you!

Are you a whiz at handling tickets and looking at how you can further optimize your workflow with automation? Do you tackle detailed customer support questions while simultaneously getting flooded wi...

138 views 0 7
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you