check token isAuthenticated is false

a111111 September 13, 2021

I was testing the crowd sso function.

I generated token success.

but when I use the method httpAuthenticator.isAuthenticated(request,response) to check token,it always flase.How can I do to check the reason?

1 answer

0 votes
Ruslan Tkachuk June 8, 2022

Hi @a111111 

The most correct way to check a token (stored in cookies for SSO configuration) will be using the 'validate token' method in Crowd REST API. https://docs.atlassian.com/atlassian-crowd/4.4.1/REST/#usermanagement/1/session-validateToken

Example:
1. Create a new application in Crowd for SSO. Ex: Jira application type with name - jiraapp and password - jirapsw
2. Add to jiraapp a new directory + group + user (ex: jirauser). User should be able to sing-in to jiraapp and crowd
3. Sign-in into Crowd like jirauser. Check cookie and copy the token value.


curl --location --request POST 'http://<host>:<port>/crowd/rest/usermanagement/1/session/<token value>' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Basic <jiraapp:jirapsw to Base64>' \
--data-raw '{
"validationFactors": [
{
"name": "remote_address",
"value": "<IP of Jira or 127.0.0.1 for locall instalation>"
}
]
}
'

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events