Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

JIra connection with Crowd

Sanal KP December 27, 2018

 

I have a new Jira server installed in my AWS account. I'm getting below error while try to login.

 

2018-12-27 15:36:55,750 http-nio-8080-exec-17 ERROR anonymous 936x193x3 z0dw6 AA.BB.CC.DD,aa.bb.cc.dd /rest/gadget/1.0/login [c.a.c.manager.application.ApplicationServiceGeneric] Directory 'Crowd Server' is not functional during authentication of 'email@domain.com'. Skipped.
27-Dec-2018 15:36:56.035 WARNING [http-nio-8080-exec-17] com.sun.jersey.spi.container.servlet.WebComponent.filterFormParameters A servlet request, to the URI http://jira-new.domain.com/rest/gadget/1.0/login, contains form parameters in the request body but the request body has been consumed by the servlet or a servlet filter accessing the request parameters. Only resource methods using @FormParam will work as expected. Resource methods consuming the request body by other means will not work as expected.

 

2018-12-27 16:10:14,287 Caesium-1-4 INFO ServiceRunner [c.a.crowd.directory.DbCachingRemoteDirectory] FULL synchronisation for directory [ 10000 ] starting
2018-12-27 16:10:14,476 Caesium-1-4 INFO ServiceRunner [c.a.crowd.directory.DbCachingRemoteDirectory] failed synchronisation complete for directory [ 10000 ] in [ 189ms ]
2018-12-27 16:10:14,585 Caesium-1-4 ERROR ServiceRunner [c.atlassian.scheduler.JobRunnerResponse] Unable to synchronise directory
com.atlassian.crowd.exception.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: HTTP Status 403 - Client with address "<Jira Server IP>" is forbidden from making requests to the application, jira.type Status reportmessage Client with address "<Jira Server IP>" is forbidden from making requests to the application, jira.description Access to the specified resource has been forbidden.Apache Tomcat/7.0.62
at com.atlassian.crowd.directory.RemoteCrowdDirectory.searchUsers(RemoteCrowdDirectory.java:390)
at com.atlassian.crowd.directory.ldap.cache.RemoteDirectoryCacheRefresher.findAllRemoteUsers(RemoteDirectoryCacheRefresher.java:55)
at com.atlassian.crowd.directory.ldap.cache.RemoteDirectoryCacheRefresher.synchroniseAllUsers(RemoteDirectoryCacheRefresher.java:90)
at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:90)
at com.atlassian.crowd.directory.ldap.cache.EventTokenChangedCacheRefresher.synchroniseAll(EventTokenChangedCacheRefresher.java:67)
at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:1209)
at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:76)
at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.synchronizeDirectory(JiraDirectorySynchroniser.java:77)
at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.runJob(JiraDirectorySynchroniser.java:52)
at com.atlassian.scheduler.core.JobLauncher.runJob(JobLauncher.java:153)
at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(JobLauncher.java:118)
at com.atlassian.scheduler.core.JobLauncher.launch(JobLauncher.java:97)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.launchJob(CaesiumSchedulerService.java:443)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJob(CaesiumSchedulerService.java:438)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJobWithRecoveryGuard(CaesiumSchedulerService.java:462)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeQueuedJob(CaesiumSchedulerService.java:390)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService$1.consume(CaesiumSchedulerService.java:285)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService$1.consume(CaesiumSchedulerService.java:282)
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeJob(SchedulerQueueWorker.java:65)
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeNextJob(SchedulerQueueWorker.java:59)
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.run(SchedulerQueueWorker.java:34)
at java.lang.Thread.run(Thread.java:745)

 

 

Here is the configuration:

Jira server resides in AWS with WideOpen to and from Crowd server residing on-premises.

 

I tried testing the connectivity - Turn GOOD to me.

https://community.atlassian.com/t5/Crowd-questions/Crowd-firewall-configuration-RHEL-7-4/qaq-p/736847

 

Reconfirmed IP whitelisting - NO Luck

https://confluence.atlassian.com/jirakb/connecting-jira-to-crowd-throwing-applicationpermissionexception-301662474.html

 

 

Even I tried removing Crowd  - NO Luck

./atlassian-jira/WEB-INF/classes/seraph-config.xml

 

<!-- CROWD:START - If enabling Crowd SSO integration uncomment the following SSOSeraphAuthenticator and comment out the JiraSeraphAuthenticator below -->
<!-- <authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/> -->
<!-- CROWD:END -->

<!-- CROWD:START - The authenticator below here will need to be commented out for Crowd SSO integration -->
<authenticator class="com.atlassian.jira.security.login.JiraSeraphAuthenticator"/>
<!-- CROWD:END -->

 

 

 

1 answer

1 accepted

0 votes
Answer accepted
Bastian Stehmann
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 27, 2018

Hi,

This error message appears when you did not allow the IP in the crowd application settings for Jira.

https://confluence.atlassian.com/crowd/adding-an-application-18579591.html

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events