Intermittent permission issue after logging in with JIRA

I've recently installed JIRA, Confluence, and Stash and am using JIRA to connect to my local LDAP server for authentication.

Everything seems to be functioning properly with my admin account and LDAP users except after I began allowing a few people to access the system, I am intermittently experiencing a strange issue.

Roughly one in every three log ins (both for my admin account and LDAP users) will seem to have no permission to do anything. From the JIRA home screen, the Projects drop down will not scroll down and if I click to create an issue it tells me that I do not have permission and to close the screen and log in again.

I am using MySQL as my db and have checked the server and SQL logs without noticing anything odd.

I apologize for not providing more information, but I am not sure where I should look. Any help would be greatly appreciated.

3 answers

1 accepted

This widget could not be displayed.

So...here's what I've learned from my LDAP intergration experience. Unless you are going to be leveraging AD groups as method of allowing Jira users to be added to groups, it is better to go with an "Internal with LDAP auth." First, you only pull over people that login, which is nice from the licensing perspective. Secondly, you put more things in your own control. You can deactive a user and you don't have to deal with AD maintaining entities. Plus...for me, it's been less twitchy.

Still trying to figure out what the issue is.

Another suggestion...move the Jira Internal Directory down...have LDAP be first.

I will do that. Thank you so much for the responses.

This widget could not be displayed.

Have you looked into the security logs for Jira? If not, I would recommend doing so. If you odn't see it, you should be able to turn up the logging level in the application (assuming recent jira version) to get the security log to generate. Then duplicate the issue and check the log. Absent an error message it's hard to say.

Also...is your admin account an internal to the app account, or not?

I spent a good while searching over the security logs and testing various things. The problem is, there doesn't seem to be any exceptions... it's just not creating a session.

This is suddenly much less urgent, however, as I've realized if I chose "remember me" when logging in, the issue goes away.

Here is a diff of SQL logs - left is without "remember me" the right is with. http://www.diffchecker.com/0r2gkiab

It seems that when logging in without "remember me" selected, the user gets to the dashboard but the session is immediately terminated. I can't find any failing insert or update queries, however, so I'm struggling to make sense of it.

The admin account is an internal JIRA account.

This widget could not be displayed.

can you tell me what versions of Jira and how you setup your LDAP connection?

It's version 6.0.2 running on Windows.

LDAP is running off of a Win 2003 domain controller. The connection syncs and tests without issue: http://i.imgur.com/bqbX8se.png

Thanks for taking your time to respond.

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

155 views 2 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you