We have the following issues with our Jira installation and we think they might be connected:
1. Wenn doing some HTTP POSTs we get a HTTP 403. Like when we click on the "Permission helper" button on https://jira.mycompany.com/jira/plugins/servlet/project-config/XXXX/permissions nothing happens.
When loading https://jira.mycompany.com//jira/plugins/servlet/project-config/XXXX/permissions we get a 403 for jira/rest/webResources/1.0/resources and jira/rest/analytics/1.0/publish/bulk.
(Cookie: atlassian.xsrf.token=B7T9-41LS-D1L1-IBGJ_37a4583a613a1dd294b70c6aae0300200243a1f8_lin; JSESSIONID=578A399422EE973B591DFCF8B8C9276F; jira.editor.user.mode=wysiwyg; TEX=MTUzNzMzOTk1NXxOUEtUbHZLNTZnYjdaQ1c2d1JfZ0lHa1dXLWY4SXdLVEpzRXp5MDRDN0stdy1NU2thcGg5eTNsazFTekVFclNzS2Rka1l0UW1rNXh1NzVxaExzSVpBeWQ2Y09Wal9zY2puelZlUlRLamhQMUVGNWVLNmFrZ1RZSEF1YkMzYmhMTkV5OHNlMTV1MElqYnlmenBUSDU0SXhTT1ZqUjBKZk1WclZyNnVZMXYwQWdoT3hxcjZUUU1RbFJjcWtaRnNRPT18srBukzKiGDjpScfTu3I6B2YbE6xg9vNteUQck-oOdWc=)
The log gives entries like:
2018-09-19 07:05:30,829 http-nio-8080-exec-22 WARN admin 425x882x1 1t997dj 10.6.33.111,127.0.0.1,10.6.30.83,10.6.30.59 /rest/plugins/self-update/1.0/ [c.a.p.r.c.security.jersey.XsrfResourceFilter] Additional XSRF checks failed for request: https://jira.mycompany.com/jira/rest/webResources/1.0/resources , origin: null , referrer: null , credentials in request: true , allowed via CORS: false
(Why is origin null?)
2. The sidebar does not show:
Other POST requests work fine (editing issues etcetera).
The connector in server.xml is configured like this:
<Connector port="8080"
maxThreads="150"
minSpareThreads="25"
connectionTimeout="20000"
enableLookups="false"
maxHttpHeaderSize="8192"
protocol="HTTP/1.1"
useBodyEncodingForURI="true"
redirectPort="8443"
acceptCount="100"
disableUploadTimeout="true"
proxyName="jira.mycompany.com"
proxyPort="443"
scheme="https"
/>
Jira Version: 7.12.1
When starting up one error occurred:
2018-09-19 06:55:12,118 http-nio-8080-exec-1 ERROR anonymous 415x1x1 - 10.6.33.111,127.0.0.1,10.6.30.83,10.6.30.59 /rest/gadget/1.0/dateCountInPeriod [c.atlassian.instrumentation.Instrument] Unable to snapshot thread local operations (implementation of OpTimerFactory is not a ThreadLocalOpTimerFactory): null
Hi,
What was the solution here, could you please describe?
Thanks inadvance!
Hi Dirk,
This is an interesting problem! Some questions:
At first glance I agree that the problems you listed do appear to be connected. From the information you've gathered it looks like there's a URL mismatch somewhere in the chain (reverse proxy thinks the application URL is one thing, Jira thinks it's something else).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.