Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Confluence user management via JIRA failed to authenticate

Admins
Admins
June 6, 2019

Hello,

We have fresh self hosted installation of Jira Core 8.2.1 and Confluence 6.15.4 at two separate servers(LXC) with Ubuntu 18.04. Both applications were successfully installed, configured postgresql 9.6 database connection and apache2 http/https proxy. After license input there were configured internal user directories at both application with their own administrator accounts.

We have followed instruction from https://confluence.atlassian.com/doc/integrating-jira-and-confluence-2825.html and in part "Delegate user management to Jira" selected option with instruction https://confluence.atlassian.com/doc/connecting-to-crowd-or-jira-for-user-management-229838465.html.

After successfully created Application in "Jira User Server" with "application name"=confluence, secure password and IP of confluence server. We used those credentials in confluence "User Directories" -> added "Attlassian Jira" and tested settings. Problem is that we always get error:

"Connection test failed. Response from the server:
com.atlassian.crowd.exception.InvalidAuthenticationException: Application failed to authenticate"

We are getting same error if HTTPS proxy via apache2 is used.

Also run test with stopped JIRA service and got correct error from test that could not reach user management rest service: 

"Connection test failed. Response from the server:
The following URL does not specify a valid Crowd User Management REST service: http://jira.example.com/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user"

 

Logs from one of "test settings":

CONFLUENCE logs:
/var/atlassian/application-data/confluence/logs/atlassian-confluence.log:
2019-06-06 15:44:10,564 WARN [http-nio-8090-exec-6] [confluence.impl.hibernate.ConfluenceHibernateTransactionManager] doRollback Performing rollback. Transactions:
->[com.atlassian.confluence.user.crowd.ConfluenceCrowdDirectoryService.testConnection]: PROPAGATION_REQUIRED,ISOLATION_DEFAULT,readOnly (Session #994532257)
-- referer: http://confluence.example.com/plugins/servlet/embedded-crowd/configure/jira/ | url: /plugins/servlet/embedded-crowd/configure/jira/ | traceId: ef3f5f925d55be36 | userName: admin
2019-06-06 15:44:10,566 ERROR [http-nio-8090-exec-6] [crowd.embedded.admin.ConfigurationController] handleSubmit Configuration test failed for user directory: [ JIRA Server], type: [ CROWD ]
-- referer: http://confluence.example.com/plugins/servlet/embedded-crowd/configure/jira/ | url: /plugins/servlet/embedded-crowd/configure/jira/ | traceId: ef3f5f925d55be36 | userName: admin
com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.InvalidAuthenticationException: Application failed to authenticate
...
Caused by: com.atlassian.crowd.exception.InvalidAuthenticationException: Application failed to authenticate
...

JIRA server apache logs:
/var/log/apache2/access.log
192.168.0.20 - - [06/Jun/2019:15:44:10 +0200] "POST /rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user HTTP/1.1" 401 574 "-" "Apache-HttpClient/4.5.5 (Java/1.8.0_202)"

/var/log/apache2/error.log
[Thu Jun 06 15:44:10.561030 2019] [proxy:trace2] [pid 3324:tid 139655055881984] mod_proxy.c(663): [client 192.168.0.20:41802] AH03461: attempting to match URI path '/rest/usermanagement/1/search' against prefix '/' for proxying
[Thu Jun 06 15:44:10.561063 2019] [proxy:trace1] [pid 3324:tid 139655055881984] mod_proxy.c(748): [client 192.168.0.20:41802] AH03464: URI path '/rest/usermanagement/1/search' matches proxy handler 'proxy:http://localhost:8080/rest/usermanagement/1/search'
[Thu Jun 06 15:44:10.561077 2019] [authz_core:debug] [pid 3324:tid 139655055881984] mod_authz_core.c(809): [client 192.168.0.20:41802] AH01626: authorization result of Require all granted: granted
[Thu Jun 06 15:44:10.561082 2019] [authz_core:debug] [pid 3324:tid 139655055881984] mod_authz_core.c(809): [client 192.168.0.20:41802] AH01626: authorization result of <RequireAny>: granted
[Thu Jun 06 15:44:10.561092 2019] [proxy_http:trace1] [pid 3324:tid 139655055881984] mod_proxy_http.c(60): [client 192.168.0.20:41802] HTTP: canonicalising URL //localhost:8080/rest/usermanagement/1/search
[Thu Jun 06 15:44:10.561111 2019] [proxy:trace2] [pid 3324:tid 139655055881984] proxy_util.c(1968): [client 192.168.0.20:41802] http: found worker http://localhost:8080/ for http://localhost:8080/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user
[Thu Jun 06 15:44:10.561119 2019] [proxy:debug] [pid 3324:tid 139655055881984] mod_proxy.c(1228): [client 192.168.0.20:41802] AH01143: Running scheme http handler (attempt 0)
[Thu Jun 06 15:44:10.561124 2019] [proxy_http:trace1] [pid 3324:tid 139655055881984] mod_proxy_http.c(1904): [client 192.168.0.20:41802] HTTP: serving URL http://localhost:8080/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user
[Thu Jun 06 15:44:10.561129 2019] [proxy:debug] [pid 3324:tid 139655055881984] proxy_util.c(2162): AH00942: HTTP: has acquired connection for (localhost)
[Thu Jun 06 15:44:10.561135 2019] [proxy:debug] [pid 3324:tid 139655055881984] proxy_util.c(2215): [client 192.168.0.20:41802] AH00944: connecting http://localhost:8080/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user to localhost:8080
[Thu Jun 06 15:44:10.561142 2019] [proxy:debug] [pid 3324:tid 139655055881984] proxy_util.c(2424): [client 192.168.0.20:41802] AH00947: connected /rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user to localhost:8080
[Thu Jun 06 15:44:10.561154 2019] [proxy:trace2] [pid 3324:tid 139655055881984] proxy_util.c(2707): HTTP: reusing backend connection [::1]:58496<>[::1]:8080
[Thu Jun 06 15:44:10.563631 2019] [proxy:debug] [pid 3324:tid 139655055881984] proxy_util.c(2177): AH00943: http: has released connection for (localhost)
[Thu Jun 06 15:44:10.563656 2019] [proxy_http:trace2] [pid 3324:tid 139655055881984] mod_proxy_http.c(1792): [client 192.168.0.20:41802] end body send

 

If you require more information or higher level of apache trace logs I can provide them.

 

With kind regards,

Jan Gardian

Admin

 

Answer
Watch
Like Be the first to like this
2906 views

2 answers

0 votes
Paresh Gandhi
Paresh Gandhi
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
August 20, 2014

I guess it is not appending ${fullname} (Do Not Reply - JIRA) to email address

Reply
0 votes
Paresh Gandhi
Paresh Gandhi
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
August 20, 2014

It is actually replacing ${fullname} (Do Not Reply - JIRA). with username which is present in AD for the email address.

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security