Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Log in to crowd console -> Invalid login

Saxess Software GmbH
Saxess Software GmbH April 26, 2018

Hello,

when i want to login to crowd i get now an error invalid login. The last sucessful login was before some weeks and today i get unexpectedly this error. 
The used username(with adminrights) is located in crowd internal directory and is present in db-table cwd_user and active='T'. Also (crypted) credentials are stored.

The logfile in ApplicationData\Crowd\logs\atlassian-crowd.log gives me no further information about the login-failure.

Version is Crowd 3.1.2 

With a second internal account its the same.

What can i do?

 

Thanks in advance

 

Lars

Answer
Watch
Like Be the first to like this
1704 views

3 answers

0 votes
Saxess Software GmbH
Saxess Software GmbH May 30, 2018

The story goes on....
A few days later the error 'invalid login' came again. Ok, a step forward could help and so i installed crowd version 3.2.1 and the new Java version.

After that, the problem was solved (on 8. May), login and syncing were again possible.

And now, 3 weeks later the same problem again :-\

Invalid Login and no sync with Azure Active Directory. A reinstall (with the same ApplicationData-Directory) was not successful.


In Logfiles are in
-..\apache-tomcat\logs\catalina.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stderr.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stdout.2018-05-30.log -> 2 Errors:

2018-05-30 11:24:37,732 localhost-startStop-1 WARN [tool.schema.internal.ExceptionHandlerLoggedImpl] GenerationTarget encountered exception accepting command : Error executing DDL via JDBC Statement


2018-05-30 11:51:40,940 Caesium-2-1 ERROR [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 622593 ].


Have you an idea, what is to do?

 

System is:
Crowd 3.2.1
MS Windows 2016 Server Datacenter in Azure VM
Azure SQL DB
Java jdk and jre 1.8.0_172

Reply
0 votes
Saxess Software GmbH
Saxess Software GmbH May 30, 2018

The story goes on....
A few days later the error 'invalid login' came again. Ok, a step forward could help and so i installed crowd version 3.2.1 and the new Java version. 

After that, the problem was solved (on 8. May), login and syncing were again possible.

And now, 3 weeks later the same problem again :-\ 

Invalid Login and no sync with Azure Active Directory. A reinstall (with the same ApplicationData-Directory) was not successful.


In Logfiles are in 
-..\apache-tomcat\logs\catalina.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stderr.2018-05-30.log -> 0 Errors
-..\apache-tomcat\logs\crowd-stdout.2018-05-30.log -> 2 Errors:

2018-05-30 11:24:37,732 localhost-startStop-1 WARN [tool.schema.internal.ExceptionHandlerLoggedImpl] GenerationTarget encountered exception accepting command : Error executing DDL via JDBC Statement


2018-05-30 11:51:40,940 Caesium-2-1 ERROR [atlassian.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 622593 ].


Have you a idea, what is to do? 

 

System is: 
Crowd 3.2.1
MS Windows 2016 Server Datacenter in Azure VM
Azure SQL DB
Java jdk and jre 1.8.0_172

Reply
0 votes
Bruno Vincent
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 26, 2018

Hi @Saxess Software GmbH

Please follow Atlassian's documentation to restore your admin password: https://confluence.atlassian.com/crowdkb/restoring-passwords-to-recover-admin-user-rights-283642653.html

View More Comments
Saxess Software GmbH
Saxess Software GmbH April 26, 2018

Thank you Bruno Vincent for your help.

I(or a colleague) had no bad password attempts between last successful and today for this user.
table cwd_user_attribute 
 requiresPasswordChange : false
 invalidPasswordAttempts : 0 


But for sure: I've updated the database(MSSQL) table 'cwd_user' -> my internal user with the hash(atlassian-security) value for password 'admin' like in your documentation link. Restarted service crowd and still "invalid login" now with password 'admin'.


Then i've checked the tables / entry's listed under section 'If No Local Users Exist' and compared it with my actual entrys. Cannot found differences with the execption of id-numbers and username. 

My last action before the "invalid login" event was yesterday to setup ssl/https for jira/confluence/bitbucket. But only on this 3 services, no changes in crowd. Could this be a side effect from ssl? But in my understanding has this nothing to do with each other.
 

Like
Bruno Vincent
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 26, 2018

You wrote you already checked the atlassian-crowd.log file. Did you also check what you get in apache-tomcat/logs/catalina.out?

Like
Saxess Software GmbH
Saxess Software GmbH April 27, 2018

Ok, in ..\Crowd\3.1.2\apache-tomcat\logs\catalina.2018-04-27.log(and older) was an error ...

26-Apr-2018 07:36:58.805 WARNING [main] org.apache.catalina.core.AprLifecycleListener.init The APR based Apache Tomcat Native library failed to load. The error reported was [C:\..\Atlassian\Application\Crowd\3.1.2\apache-tomcat\bin\tcnative-1.dll: Can't load IA 32-bit .dll on a AMD 64-bit platform]


Here is an workaround/solution for that: https://jira.atlassian.com/browse/CWD-4869?page=com.atlassian.jira.plugin.system.issuetabpanels%3Achangehistory-tabpanel

Like described here, i've replaced the installed 32Bit tcnative-1.dll with the 64Bit one, restarted the crowd service and now it works. Successful login is possible again! :-)

The error was from the beginning -crowd installingdate- in 02/2018 in the logfile but in the past had this no negative effect. Logins were working fine. And now, after some time was this a problem?

Another cause could be the replacing of two files in two JAVA-Dirs this week:
...\Java\jdk1.8.0_152\jre\lib\security\policy\
...\Java\jre1.8.0_152\lib\security\policy\
local_policy.jar
US_export_policy.jar
(Its JAVA Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files)

It was necessary to load SSL keypairs into the JAVA keystore for using https in JIRA/Confluence/Bitbucket. And maybe this jars and tcnative-1.dll are also used for the crowd credentials -> hash-code atlassian-security??? But its only speculation...

 

Thank you very much.

Like
Bruno Vincent
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 27, 2018

Hi @Saxess Software GmbH

Thanks for letting us know about the resolution of that issue.

FYI you might want to upgrade to JDK 1.8.0_161 as unlimited cryptography is enabled by default from that version so you don't need to replace jar files anymore: http://www.oracle.com/technetwork/java/javase/8u161-relnotes-4021379.html#JDK-8170157

You might also want to upgrade to Crowd 3.2 which bundles both 32 and 64 bit Tomcat binaries: https://confluence.atlassian.com/crowd/installing-crowd-and-crowdid-191862.html#InstallingCrowdandCrowdID-2.InstallCrowd

(Please see the paragraph titled 'Installing Crowd on Windows with 64-bit JVM')

Like
Saxess Software GmbH
Saxess Software GmbH April 27, 2018

Thank you for your Information!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events