Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,360,972
Community Members
 
Community Events
168
Community Groups

SAML SSO authentication is not working

Getting below error when trying to login via SAML SSO.

 

2022-08-15 01:28:07,667+0000 http-nio-8080-exec-10 ERROR anonymous 88x1303x1 1si4ue1 160.34.113.150,172.30.8.144 /plugins/servlet/samlconsumer [c.o.saml2.authn.SamlResponse] The response was received at http://xx-jira.oraclecorp.com/plugins/servlet/samlconsumer instead of https://xx-jira.oraclecorp.com/plugins/servlet/samlconsumer
2022-08-15 01:28:07,667+0000 http-nio-8080-exec-10 ERROR anonymous 88x1303x1 1si4ue1 160.34.113.150,172.30.8.144 /plugins/servlet/samlconsumer [c.onelogin.saml2.Auth] processResponse error. invalid_response

 

JIRA base URL is configured at https and also IDP is configured with https url. Any inputs please.

1 answer

Hi Naveen,

From the looks of it, even though your IDP tried to redirect to the https:// URL, the proxy settings on your server redirected to an HTTP connection. This usually happens when the tomcat server.xml file is misconfigured (you will find the file in the jira_install_folder/conf/). Even though you've set the base URL correctly, in addition you have to save the correct settings in server.xml configuring for an HTTPS connector instead of an HTTP connector (which is usually the default setup on a freshly configured Jira.

The connector you'll want to uncomment is under a comment section titled HTTPS - Proxying Jira via Apache or Nginx over HTTPS and should look something like this (remember to add your domain name to proxyName:


<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"
proxyName="<subdomain>.<domain>.com" proxyPort="443"/>



Hope this solves your issue!

Regards,
Elias
Kantega SSO
https://www.kantega-sso.com/

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
TAGS
Community showcase
Published in Jira Software

An update on Jira Software customer feedback – June 2022

Hello Atlassian Community! Feedback from customers like you has helped us shape and improve Jira Software. As Head of Product, Jira Software, I wanted to take this opportunity to share an update on...

5,050 views 18 32
Read article

Atlassian Community Events