I've recently installed JIRA, Confluence, and Stash and am using JIRA to connect to my local LDAP server for authentication.
Everything seems to be functioning properly with my admin account and LDAP users except after I began allowing a few people to access the system, I am intermittently experiencing a strange issue.
Roughly one in every three log ins (both for my admin account and LDAP users) will seem to have no permission to do anything. From the JIRA home screen, the Projects drop down will not scroll down and if I click to create an issue it tells me that I do not have permission and to close the screen and log in again.
I am using MySQL as my db and have checked the server and SQL logs without noticing anything odd.
I apologize for not providing more information, but I am not sure where I should look. Any help would be greatly appreciated.
So...here's what I've learned from my LDAP intergration experience. Unless you are going to be leveraging AD groups as method of allowing Jira users to be added to groups, it is better to go with an "Internal with LDAP auth." First, you only pull over people that login, which is nice from the licensing perspective. Secondly, you put more things in your own control. You can deactive a user and you don't have to deal with AD maintaining entities. Plus...for me, it's been less twitchy.
Still trying to figure out what the issue is.
Another suggestion...move the Jira Internal Directory down...have LDAP be first.
Have you looked into the security logs for Jira? If not, I would recommend doing so. If you odn't see it, you should be able to turn up the logging level in the application (assuming recent jira version) to get the security log to generate. Then duplicate the issue and check the log. Absent an error message it's hard to say.
Also...is your admin account an internal to the app account, or not?
I spent a good while searching over the security logs and testing various things. The problem is, there doesn't seem to be any exceptions... it's just not creating a session.
This is suddenly much less urgent, however, as I've realized if I chose "remember me" when logging in, the issue goes away.
Here is a diff of SQL logs - left is without "remember me" the right is with. http://www.diffchecker.com/0r2gkiab
It seems that when logging in without "remember me" selected, the user gets to the dashboard but the session is immediately terminated. I can't find any failing insert or update queries, however, so I'm struggling to make sense of it.
The admin account is an internal JIRA account.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG