Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

TokenAuthenticationManager.authenticateUser took long time

We see, that it took over 6 seconds to login into Jira, Confluence and crowd. The problems seems to be crowd.

Interesting is this: [6414ms] - TokenAuthenticationManager.authenticateUser()

 

We found in the log file:

 

2015-03-04 11:20:49,227 http-bio-8095-exec-15 DEBUG [crowd.dao.user.UserDAOHibernate] Saving or updating object: com.atlassian.crowd.model.user.InternalUserAttribute@11115b01[directory=com.atlassian.crowd.model.directory.DirectoryImpl_$$_jvstd6c_0@4178618[lowerName=domain activedirectory,description=,type=CONNECTOR,implementationClass=com.atlassian.crowd.directory.MicrosoftActiveDirectory,allowedOperations=[UPDATE_GROUP, DELETE_USER, CREATE_GROUP, CREATE_USER, DELETE_GROUP, UPDATE_USER],attributes={ldap.basedn=DC=domain,DC=de, ldap.user.filter=(&(objectClass=user)(memberOF=CN=s-g-crowd-users,CN=Users,DC=domain,DC=de)), ldap.user.username=sAMAccountName, ldap.usermembership.use=false, com.atlassian.crowd.directory.sync.lastdurationms=28762, ldap.role.objectclass=group, ldap.group.usernames=member, ldap.pagedresults.size=999, ldap.read.timeout=120000, ldap.connection.timeout=10000, ldap.group.filter=(objectCategory=Group), ldap.userdn=administrator@domain.de, ldap.external.id=objectGUID, ldap.roles.disabled=true, ldap.url=ldaps://dc2.domain.de, ldap.pagedresults=true, ldap.user.password=unicodePwd, ldap.user.lastname=sn, ldap.group.name=cn, ldap.role.dn=, ldap.referral=true, com.atlassian.crowd.directory.sync.issynchronising=false, ldap.group.dn=Cn=Users, ldap.relaxed.dn.standardisation=true, ldap.user.firstname=givenName, ldap.password=********, ldap.role.description=description, com.atlassian.crowd.directory.sync.cache.enabled=true, autoAddGroups=OpenID-Benutzer, crowd.sync.incremental.enabled=true, ldap.role.name=cn, ldap.usermembership.use.for.groups=true, ldap.user.objectclass=user, directory.cache.synchronise.interval=3600, ldap.nestedgroups.disabled=false, ldap.secure=true, ldap.user.username.rdn=cn, ldap.user.displayname=displayName, com.atlassian.crowd.directory.sync.laststartsynctime=1425464364925, ldap.user.email=mail, ldap.user.group=memberOf, localUserStatusEnabled=false, ldap.local.groups=false, ldap.group.description=description, ldap.role.filter=(objectclass=group), ldap.user.dn=Cn=Users, ldap.activedirectory.use_primary_groups=false, ldap.group.objectclass=group, ldap.role.usernames=member, ldap.search.timelimit=60000}],user=com.atlassian.crowd.model.user.InternalUser@4f30c848[id=524347,name=TestUser,createdDate=2012-01-13 11:05:05.036,updatedDate=Wed Mar 04 11:20:43 CET 2015,active=true,emailAddress=tu@domain.tld,firstName=Test,lastName=User,displayName=Test User,credential=com.atlassian.crowd.embedded.api.PasswordCredential@5fd467cd[credential=nopass,encryptedCredential=true],lowerName=TestUser,lowerEmailAddress=tu@domain.tld,lowerFirstName=Test,lowerLastName=User,lowerDisplayName=Test User,directoryId=491521,externalId=39a43facbdc50645bc391766b59b4a7a]]
2015-03-04 11:20:49,240 http-bio-8095-exec-15 DEBUG [crowd.manager.authentication.TokenAuthenticationManagerImpl] User <TestUser> has access to the application <crowd>
2015-03-04 11:20:49,240 http-bio-8095-exec-15 DEBUG [crowd.manager.authentication.TokenAuthenticationManagerImpl] generateUserToken: user TestUser
2015-03-04 11:20:49,240 http-bio-8095-exec-15 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: TestUser
2015-03-04 11:20:49,240 http-bio-8095-exec-15 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Adding remote address of 10.28.4.125
2015-03-04 11:20:49,240 http-bio-8095-exec-15 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: TestUser
2015-03-04 11:20:49,240 http-bio-8095-exec-15 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Adding remote address of 10.28.4.125
2015-03-04 11:20:49,240 http-bio-8095-exec-15 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Adding Random-Number of ValidationFactor[Random-Number=982085500436642489]
2015-03-04 11:20:49,241 http-bio-8095-exec-15 DEBUG [crowd.manager.authentication.TokenAuthenticationManagerImpl] Saving and returning newly created token
2015-03-04 11:20:49,243 http-bio-8095-exec-15 DEBUG [crowd.manager.application.ApplicationServiceGeneric] Storing user attributes for user <TestUser> and application <crowd>
2015-03-04 11:20:49,250 http-bio-8095-exec-15 DEBUG [crowd.manager.permission.PermissionManagerImpl] Directory domain ActiveDirectory : Permission UPDATE_USER_ATTRIBUTE has been denied
2015-03-04 11:20:49,251 http-bio-8095-exec-15 DEBUG [crowd.manager.authentication.TokenAuthenticationManagerImpl] Unable to update last active for user 'TestUser' as there are insufficient permissions to write for application 'crowd'
2015-03-04 11:20:49,252 http-bio-8095-exec-15 DEBUG [atlassian.util.profiling.UtilTimerStack] [6418ms] - SecurityServer.authenticatePrincipal()
[4ms] - SOAPService.validateSOAPService()
[0ms] - CrowdLicenseManager.isLicenseValid()
[0ms] - PropertyManager.getCurrentLicenseResourceTotal()
[1ms] - TokenAuthenticationManager.validateApplicationToken()
[0ms] - SessionTokenStorage.findByRandomHash()
[0ms] - PropertyManager.getSessionTime()
[0ms] - PropertyManager.getSessionTime()
[0ms] - PropertyManager.isIncludeIpAddressInValidationFactors()
[1ms] - SessionTokenStorage.update()
[0ms] - PropertyManager.isCacheEnabled()
[6414ms] - TokenAuthenticationManager.authenticateUser()
[1ms] - AliasManager.findUsernameByAlias()
[6390ms] - ApplicationService.authenticateUser()
[10ms] - ApplicationService.isUserAuthorised()
[0ms] - PropertyManager.isIncludeIpAddressInValidationFactors()
[1ms] - SessionTokenStorage.findByIdentifierHash()
[0ms] - SessionTokenStorage.add()
[8ms] - ApplicationService.storeUserAttributes()
[0ms] - PermissionManager.hasPermission()
[0ms] - AliasManager.findAliasByUsername()

1 answer

Hi Tobias,

May I know which version of Crowd you are using? It is possible that you are currently encountering a known bug as we realise that you are connected to your LDAP server through SSL.

https://jira.atlassian.com/browse/CWD-4070

For troubleshooting purposes, you might want to try to disable the SSL connection and see if the condition improve. Hope it helps.

Cheers,
Septa Cahyadiputra 

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira

Comparison between Zephyr & Xray

I am sharing this article with both Zephyr and Xray information and everything should be in one place. It will be easy to know when selecting Zephyr or Xray. Zephyr and Xray are both Jira plug-ins u...

180 views 1 5
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you