Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Jira - Crowd not authentcating due to HTTP-403 error

Shivaprasad Hattaraki July 15, 2019

I have migrated one Jira instance to another test instance , the migrated data is from Jira instance which is connected with Crowd.


I am trying to connect new migrated Jira instance with Crowd but i am facing problem due to following error.


Connection test failed. Response from the server:
com.atlassian.crowd.exception.ApplicationPermissionException: HTTP Status 403 – ForbiddenType Status ReportMessage Client with address "" is forbidden from making requests to the application, jirastg.Description The server understood the request but refuses to authorize it.Apache Tomcat/8.5.34

I have done following work around

Note: if you are migrating/upgrading a Jira instance that already uses Crowd, you will need to merge these files (not overwrite them).

  1. If Jira is running, shut it down first.
  2. Edit the JIRA/atlassian-jira/WEB-INF/classes/seraph-config.xml file. Comment out the authenticator node:

    <!--<authenticator class=""/>-->

    Uncomment the line that contains the new authenticator:

    <authenticator class=""/>
  3. Copy the file from CROWD/client/conf/ to JIRA/atlassian-jira/WEB-INF/classes.
  4. Edit JIRA/atlassian-jira/WEB-INF/classes/ Change the following properties:

  5. KeyValue

    The application name must match the name that you specified when you defined the application in Crowd (see Step 1 above).


    The password must match the one that you specified when you defined the application in Crowd (see Step 1 above).


    eg. (http://localhost:8095/crowd/)
    If your Crowd server's port is configured differently from the default (i.e. 8095), set it accordingly.

    crowd.base.url must be the same URL used to access Crowd in your Browser.


    Set to 0, if you want authentication checks to occur on each request. Otherwise set to the number of minutes between request to validate if the user is logged in or out of the Crowd SSO server. Setting this value to 1 or higher will increase the performance of Crowd's integration.



2 answers

1 accepted

0 votes
Answer accepted
Shivaprasad Hattaraki September 10, 2020

The problem was the migrated jira instance had a old crowd credentials in file and new server and crowd server subnet ip address were different. 

Solution: Edited file with latest crowd credentials and added both servers in same subnet group.

0 votes
Petr Vaníček
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 15, 2019


did you add IP or hostname of new Jira instance into Crowd configuration in Applications -> app -> Remote Addresses ?

Shivaprasad Hattaraki July 15, 2019

Yes i have added new jira instance ip address in remote addresses.

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events