I have a new Jira server installed in my AWS account. I'm getting below error while try to login.
2018-12-27 15:36:55,750 http-nio-8080-exec-17 ERROR anonymous 936x193x3 z0dw6 AA.BB.CC.DD,aa.bb.cc.dd /rest/gadget/1.0/login [c.a.c.manager.application.ApplicationServiceGeneric] Directory 'Crowd Server' is not functional during authentication of 'email@domain.com'. Skipped.
27-Dec-2018 15:36:56.035 WARNING [http-nio-8080-exec-17] com.sun.jersey.spi.container.servlet.WebComponent.filterFormParameters A servlet request, to the URI http://jira-new.domain.com/rest/gadget/1.0/login, contains form parameters in the request body but the request body has been consumed by the servlet or a servlet filter accessing the request parameters. Only resource methods using @FormParam will work as expected. Resource methods consuming the request body by other means will not work as expected.
2018-12-27 16:10:14,287 Caesium-1-4 INFO ServiceRunner [c.a.crowd.directory.DbCachingRemoteDirectory] FULL synchronisation for directory [ 10000 ] starting
2018-12-27 16:10:14,476 Caesium-1-4 INFO ServiceRunner [c.a.crowd.directory.DbCachingRemoteDirectory] failed synchronisation complete for directory [ 10000 ] in [ 189ms ]
2018-12-27 16:10:14,585 Caesium-1-4 ERROR ServiceRunner [c.atlassian.scheduler.JobRunnerResponse] Unable to synchronise directory
com.atlassian.crowd.exception.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: HTTP Status 403 - Client with address "<Jira Server IP>" is forbidden from making requests to the application, jira.type Status reportmessage Client with address "<Jira Server IP>" is forbidden from making requests to the application, jira.description Access to the specified resource has been forbidden.Apache Tomcat/7.0.62
at com.atlassian.crowd.directory.RemoteCrowdDirectory.searchUsers(RemoteCrowdDirectory.java:390)
at com.atlassian.crowd.directory.ldap.cache.RemoteDirectoryCacheRefresher.findAllRemoteUsers(RemoteDirectoryCacheRefresher.java:55)
at com.atlassian.crowd.directory.ldap.cache.RemoteDirectoryCacheRefresher.synchroniseAllUsers(RemoteDirectoryCacheRefresher.java:90)
at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:90)
at com.atlassian.crowd.directory.ldap.cache.EventTokenChangedCacheRefresher.synchroniseAll(EventTokenChangedCacheRefresher.java:67)
at com.atlassian.crowd.directory.DbCachingRemoteDirectory.synchroniseCache(DbCachingRemoteDirectory.java:1209)
at com.atlassian.crowd.manager.directory.DirectorySynchroniserImpl.synchronise(DirectorySynchroniserImpl.java:76)
at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.synchronizeDirectory(JiraDirectorySynchroniser.java:77)
at com.atlassian.jira.crowd.embedded.JiraDirectorySynchroniser.runJob(JiraDirectorySynchroniser.java:52)
at com.atlassian.scheduler.core.JobLauncher.runJob(JobLauncher.java:153)
at com.atlassian.scheduler.core.JobLauncher.launchAndBuildResponse(JobLauncher.java:118)
at com.atlassian.scheduler.core.JobLauncher.launch(JobLauncher.java:97)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.launchJob(CaesiumSchedulerService.java:443)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJob(CaesiumSchedulerService.java:438)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeClusteredJobWithRecoveryGuard(CaesiumSchedulerService.java:462)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService.executeQueuedJob(CaesiumSchedulerService.java:390)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService$1.consume(CaesiumSchedulerService.java:285)
at com.atlassian.scheduler.caesium.impl.CaesiumSchedulerService$1.consume(CaesiumSchedulerService.java:282)
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeJob(SchedulerQueueWorker.java:65)
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.executeNextJob(SchedulerQueueWorker.java:59)
at com.atlassian.scheduler.caesium.impl.SchedulerQueueWorker.run(SchedulerQueueWorker.java:34)
at java.lang.Thread.run(Thread.java:745)
Here is the configuration:
Jira server resides in AWS with WideOpen to and from Crowd server residing on-premises.
I tried testing the connectivity - Turn GOOD to me.
https://community.atlassian.com/t5/Crowd-questions/Crowd-firewall-configuration-RHEL-7-4/qaq-p/736847
Reconfirmed IP whitelisting - NO Luck
https://confluence.atlassian.com/jirakb/connecting-jira-to-crowd-throwing-applicationpermissionexception-301662474.html
Even I tried removing Crowd - NO Luck
./atlassian-jira/WEB-INF/classes/seraph-config.xml
<!-- CROWD:START - If enabling Crowd SSO integration uncomment the following SSOSeraphAuthenticator and comment out the JiraSeraphAuthenticator below -->
<!-- <authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/> -->
<!-- CROWD:END -->
<!-- CROWD:START - The authenticator below here will need to be commented out for Crowd SSO integration -->
<authenticator class="com.atlassian.jira.security.login.JiraSeraphAuthenticator"/>
<!-- CROWD:END -->
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.