Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,457,963
Community Members
 
Community Events
176
Community Groups

Jira - Crowd not authentcating due to HTTP-403 error

I have migrated one Jira instance to another test instance , the migrated data is from Jira instance which is connected with Crowd.

 

I am trying to connect new migrated Jira instance with Crowd but i am facing problem due to following error.

 

Connection test failed. Response from the server:
com.atlassian.crowd.exception.ApplicationPermissionException: HTTP Status 403 – ForbiddenType Status ReportMessage Client with address "10.100.4.219" is forbidden from making requests to the application, jirastg.Description The server understood the request but refuses to authorize it.Apache Tomcat/8.5.34

I have done following work around

Note: if you are migrating/upgrading a Jira instance that already uses Crowd, you will need to merge these files (not overwrite them).

  1. If Jira is running, shut it down first.
  2. Edit the JIRA/atlassian-jira/WEB-INF/classes/seraph-config.xml file. Comment out the authenticator node:

    <!--<authenticator class="com.atlassian.jira.security.login.JiraSeraphAuthenticator"/>-->


    Uncomment the line that contains the new authenticator:

    <authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/>
  3. Copy the crowd.properties file from CROWD/client/conf/ to JIRA/atlassian-jira/WEB-INF/classes.
  4. Edit JIRA/atlassian-jira/WEB-INF/classes/crowd.properties. Change the following properties:

  5. KeyValue

    application.name

    jira 
    The application name must match the name that you specified when you defined the application in Crowd (see Step 1 above).

    application.password

    The password must match the one that you specified when you defined the application in Crowd (see Step 1 above).

    crowd.base.url

    eg. (http://localhost:8095/crowd/)
    If your Crowd server's port is configured differently from the default (i.e. 8095), set it accordingly.

    crowd.base.url must be the same URL used to access Crowd in your Browser.

    session.validationinterval

    Set to 0, if you want authentication checks to occur on each request. Otherwise set to the number of minutes between request to validate if the user is logged in or out of the Crowd SSO server. Setting this value to 1 or higher will increase the performance of Crowd's integration.

 

 

2 answers

1 accepted

0 votes
Answer accepted

The problem was the migrated jira instance had a old crowd credentials in crowd.properties file and new server and crowd server subnet ip address were different. 

Solution: Edited crowd.properties file with latest crowd credentials and added both servers in same subnet group.

0 votes

Hi, 

did you add IP or hostname of new Jira instance into Crowd configuration in Applications -> app -> Remote Addresses ?

Yes i have added new jira instance ip address in remote addresses.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events