JIra connection with Crowd Edited

 

I have a new Jira server installed in my AWS account. I'm getting below error while try to login.

 

2018-12-27 15:36:55,750 http-nio-8080-exec-17 ERROR anonymous 936x193x3 z0dw6 AA.BB.CC.DD,aa.bb.cc.dd /rest/gadget/1.0/login [c.a.c.manager.application.ApplicationServiceGeneric] Directory 'Crowd Server' is not functional during authentication of 'email@domain.com'. Skipped.
27-Dec-2018 15:36:56.035 WARNING [http-nio-8080-exec-17] com.sun.jersey.spi.container.servlet.WebComponent.filterFormParameters A servlet request, to the URI http://jira-new.domain.com/rest/gadget/1.0/login, contains form parameters in the request body but the request body has been consumed by the servlet or a servlet filter accessing the request parameters. Only resource methods using @FormParam will work as expected. Resource methods consuming the request body by other means will not work as expected.

 

2018-12-27 16:10:14,287 Caesium-1-4 INFO ServiceRunner [c.a.crowd.directory.DbCachingRemoteDirectory] FULL synchronisation for directory [ 10000 ] starting
2018-12-27 16:10:14,476 Caesium-1-4 INFO ServiceRunner [c.a.crowd.directory.DbCachingRemoteDirectory] failed synchronisation complete for directory [ 10000 ] in [ 189ms ]
2018-12-27 16:10:14,585 Caesium-1-4 ERROR ServiceRunner [c.atlassian.scheduler.JobRunnerResponse] Unable to synchronise directory
com.atlassian.crowd.exception.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: HTTP Status 403 - Client with address "<Jira Server IP>" is forbidden from making requests to the application, jira.type Status reportmessage Client with address "<Jira Server IP>" is forbidden from making requests to the application, jira.description Access to the specified resource has been forbidden.Apache Tomcat/7.0.62
at com.atlassian.crowd.directory.RemoteCrowdDirectory.searchUsers(RemoteCrowdDirectory.java:390)
at com.atlassian.crowd.directory.ldap.cache.RemoteDirectoryCacheRefresher.findAllRemoteUsers(RemoteDirectoryCacheRefresher.java:55)
at com.atlassian.crowd.directory.ldap.cache.RemoteDirectoryCacheRefresher.synchroniseAllUsers(RemoteDirectoryCacheRefresher.java:90)
at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:90)
at com.atlassian.crowd.directory.ldap.cache.EventTokenChangedCacheRefresher.synchroniseAll(EventTokenChangedCacheRefresher.java:67)
at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:1209)
at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:76)
at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.synchronizeDirectory(JiraDirectorySynchroniser.java:77)
at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.runJob(JiraDirectorySynchroniser.java:52)
at com.atlassian.scheduler.core.JobLauncher.runJob(JobLauncher.java:153)
at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(JobLauncher.java:118)
at com.atlassian.scheduler.core.JobLauncher.launch(JobLauncher.java:97)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.launchJob(CaesiumSchedulerService.java:443)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJob(CaesiumSchedulerService.java:438)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJobWithRecoveryGuard(CaesiumSchedulerService.java:462)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeQueuedJob(CaesiumSchedulerService.java:390)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService$1.consume(CaesiumSchedulerService.java:285)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService$1.consume(CaesiumSchedulerService.java:282)
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeJob(SchedulerQueueWorker.java:65)
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeNextJob(SchedulerQueueWorker.java:59)
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.run(SchedulerQueueWorker.java:34)
at java.lang.Thread.run(Thread.java:745)

 

 

Here is the configuration:

Jira server resides in AWS with WideOpen to and from Crowd server residing on-premises.

 

I tried testing the connectivity - Turn GOOD to me.

https://community.atlassian.com/t5/Crowd-questions/Crowd-firewall-configuration-RHEL-7-4/qaq-p/736847

 

Reconfirmed IP whitelisting - NO Luck

https://confluence.atlassian.com/jirakb/connecting-jira-to-crowd-throwing-applicationpermissionexception-301662474.html

 

 

Even I tried removing Crowd  - NO Luck

./atlassian-jira/WEB-INF/classes/seraph-config.xml

 

<!-- CROWD:START - If enabling Crowd SSO integration uncomment the following SSOSeraphAuthenticator and comment out the JiraSeraphAuthenticator below -->
<!-- <authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/> -->
<!-- CROWD:END -->

<!-- CROWD:START - The authenticator below here will need to be commented out for Crowd SSO integration -->
<authenticator class="com.atlassian.jira.security.login.JiraSeraphAuthenticator"/>
<!-- CROWD:END -->

 

 

 

1 answer

1 accepted

0 votes
Accepted answer

Hi,

This error message appears when you did not allow the IP in the crowd application settings for Jira.

https://confluence.atlassian.com/crowd/adding-an-application-18579591.html

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Wednesday in Jira

Make your Atlassian Cloud products more secure: our NEW admin security guide

Hey admins! I’m Dave, Principal Product Manager here at Atlassian working on our cloud platform and security products. Cloud security is a moving target. As you adopt more products, employees consta...

45 views 0 2
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you