HttpSession destroyed immediately after authentication

Andreas Hirtzel July 2, 2019

I have upgraded my Jira installation from 8.0.2 to 8.2.2. Now I can't log in anymore. secure/Dashboard.jspa says invalid user or wrong password. But it is not. If I call an issue directly (e.g. /browse/#issueno) I get a login screen and can access the issue. Found no log entries for invalid credentials. In atlassian-jira-security.log there are some weird entries showing that the user passes the authentication and immediately the session was destroyed.

2019-07-02 11:01:32,557 http-nio-8081-exec-23 USER 661x1832x1 19p4uas IP:50263,IP /secure/admin/WebSudoAuthenticate.jspa The user 'USER' has PASSED authentication.
2019-07-02 11:01:32,557 http-nio-8081-exec-23 USER 661x1832x1 19p4uas IP:50263,IP /secure/admin/WebSudoAuthenticate.jspa HttpSession [19p4uas] destroyed for 'USER'
2019-07-02 11:01:32,557 http-nio-8081-exec-23 USER 661x1832x1 19p4uas IP:50263,IP /secure/admin/WebSudoAuthenticate.jspa HttpSession created [7qw0ie]

I am running Jira on Windows Server 2012R2 behind IIS with ARR.
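The three log lines quoted in the question share one request id, which is easy to miss when reading the file by eye. The sketch below is an added example, not part of the original post and not Atlassian code: it groups such events per request and reports which session identifier was replaced by which. The column layout is inferred from the quoted lines, and the fourth sample line is constructed.

```python
import re
from collections import defaultdict

# Column layout inferred from the lines quoted in the question (an assumption):
# date time thread user request-id session-id client-address path message
LINE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3} \S+ (?P<user>\S+) "
                  r"(?P<req>\S+) (?P<sid>\S+) \S+ (?P<path>\S+) (?P<msg>.*)$")
PASSED = re.compile(r"has PASSED authentication")
DESTROYED = re.compile(r"HttpSession \[([^\]]+)\] destroyed")
CREATED = re.compile(r"HttpSession created \[([^\]]+)\]")

# First three lines are the ones posted in the question; the fourth is constructed.
SAMPLE = """\
2019-07-02 11:01:32,557 http-nio-8081-exec-23 USER 661x1832x1 19p4uas IP:50263,IP /secure/admin/WebSudoAuthenticate.jspa The user 'USER' has PASSED authentication.
2019-07-02 11:01:32,557 http-nio-8081-exec-23 USER 661x1832x1 19p4uas IP:50263,IP /secure/admin/WebSudoAuthenticate.jspa HttpSession [19p4uas] destroyed for 'USER'
2019-07-02 11:01:32,557 http-nio-8081-exec-23 USER 661x1832x1 19p4uas IP:50263,IP /secure/admin/WebSudoAuthenticate.jspa HttpSession created [7qw0ie]
2019-07-02 11:05:10,101 http-nio-8081-exec-7 USER 665x1840x1 7qw0ie IP:50301,IP /secure/Dashboard.jspa HttpSession [7qw0ie] destroyed for 'USER'
"""

def session_changes(text):
    """Group session events by request id; return one summary dict per request."""
    reqs = defaultdict(lambda: {"passed": False, "destroyed": [], "created": []})
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank line, stack trace, or a different layout
        ev = reqs[m["req"]]
        ev.update(request=m["req"], user=m["user"], path=m["path"])
        if PASSED.search(m["msg"]):
            ev["passed"] = True
        elif (d := DESTROYED.search(m["msg"])):
            ev["destroyed"].append(d[1])
        elif (c := CREATED.search(m["msg"])):
            ev["created"].append(c[1])
    out = []
    for ev in reqs.values():
        if ev["destroyed"] and ev["created"]:
            ev["kind"] = "replaced-after-auth" if ev["passed"] else "replaced"
        elif ev["destroyed"]:
            ev["kind"] = "destroyed-only"
        elif ev["created"]:
            ev["kind"] = "created-only"
        else:
            continue  # authentication result with no session event
        out.append(ev)
    return out

if __name__ == "__main__":
    for ev in session_changes(SAMPLE):
        print(ev["request"], ev["user"], ev["path"], ev["kind"],
              ev["destroyed"], "->", ev["created"])
```
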

1 answer

0 votes
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 8, 2019

Hi Andreas,

If I understand correctly, after an upgrade to Jira you can no longer log in to Jira on some pages.  Since we know you're using an IIS reverse proxy in front of Jira, it seems likely that this could be a factor in regards to the upgrade itself.

I am curious to see if perhaps your $JIRAINSTALL/conf/server.xml was overwritten during the upgrade.  If so, it could have lost the customizations needed to work with your proxy as expected.  You might want to walk through the guide in Integrating Jira applications with IIS.

If that doesn't help, then I'd be interested to see if you can actually try to disable secure administrator sessions in your Jira site.  Steps to do this are in Configuring secure administrator sessions.  I only suggest this because the error messages you posted seem to be the websudo (aka secure administrator) sessions Jira tends to have enabled by default.   It might help to disable this and restart Jira.

If that doesn't help, I would be interested to learn more about your environment, such as, are you utilizing any different authentication or SSO solutions with Jira?  Such as Okta, onelogin, Atlassian Crowd, or the like?  Sometimes these will have different authentication methods than the native ones that Jira ships with.  It might be a factor here if these exist in your environment.

Regards,

Andy

Andreas Hirtzel July 10, 2019

Hi Andy,

Thanks for your response. The settings in $JIRAINSTALL/conf/server.xml were overwritten during the upgrade. I restore them every time I do an upgrade. Also this time. As far as I can see, there are no setting changes in the new release. I also checked the IIS integration as described in Integrating Jira applications with IIS. I checked the settings as described. Looks good. But I am not sure the connector works. I have no recent entries in the log file.

Andy Heinzer
Atlassian Team
July 22, 2019

That's very strange to see.  I'm curious to see how far this problem extends.  I would be interested to see if you can follow the steps in How to bypass a Proxy and SSL to test network connectivity.  I am interested to learn if the same problem happens when accessing Jira on a port/address that bypasses your IIS proxy.  If it does then the problem is likely not the proxy.  However if we can't recreate on this local connection, it tends to indicate that IIS is a factor here.

I'd be interested to see if perhaps you can generate a HAR file when this attempt to login via the dashboard happens.  I'd be interested to see if the browser console logs are showing any strange errors or pages not loaded there that might help give us more insights into this problem.

Andreas Hirtzel July 23, 2019

Hi Andy, I followed the instructions to bypass the proxy. I can't log on. The behavior is a bit different but the result is the same. If I bypass the proxy I don't get the message that the credentials are not valid. The login screen just refreshes.

I checked the network traffic in the browser and found a lot of 403 and 401 entries. I have made some HAR files (one for localhost, one from outside). How can I securely send you the files?

Andy Heinzer
Atlassian Team
July 23, 2019

I created a support case on your behalf for this problem.  You can upload these files and some others I have requested to https://getsupport.atlassian.com/servicedesk/customer/portal/22/JSP-409359

Regards,

Andy

Magnus Tamm December 11, 2019

Hey. 

Was this solved? I have the same problem. When logging in to the admin panel the login page just refreshes. Sometimes the user must try 20 times before a successful login.

Edit:

Only one user has this problem. This user uses Confluence on Mac. Cache is cleared, switched browsers. Nothing helps.

Best wishes,

Magnus

markoned January 13, 2022

@Andreas Hirtzel  could you please give some feedback on this topic?

Thank you in advance.

Regards, Ned.
