Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Intermittent permission issue after logging in with JIRA

Justin Walsh2
Justin Walsh June 18, 2013

I've recently installed JIRA, Confluence, and Stash and am using JIRA to connect to my local LDAP server for authentication.

Everything seems to be functioning properly with my admin account and LDAP users except after I began allowing a few people to access the system, I am intermittently experiencing a strange issue.

Roughly one in every three log ins (both for my admin account and LDAP users) will seem to have no permission to do anything. From the JIRA home screen, the Projects drop down will not scroll down and if I click to create an issue it tells me that I do not have permission and to close the screen and log in again.

I am using MySQL as my db and have checked the server and SQL logs without noticing anything odd.

I apologize for not providing more information, but I am not sure where I should look. Any help would be greatly appreciated.

Answer
Watch
Like Be the first to like this
225 views

3 answers

1 accepted

0 votes
Answer accepted
J. Caldwell
J. Caldwell
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 19, 2013

So...here's what I've learned from my LDAP intergration experience. Unless you are going to be leveraging AD groups as method of allowing Jira users to be added to groups, it is better to go with an "Internal with LDAP auth." First, you only pull over people that login, which is nice from the licensing perspective. Secondly, you put more things in your own control. You can deactive a user and you don't have to deal with AD maintaining entities. Plus...for me, it's been less twitchy.

Still trying to figure out what the issue is.

Another suggestion...move the Jira Internal Directory down...have LDAP be first.

View More Comments
Justin Walsh2
Justin Walsh June 19, 2013

I will do that. Thank you so much for the responses.

Like
Reply
1 vote
J. Caldwell
J. Caldwell
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 19, 2013

can you tell me what versions of Jira and how you setup your LDAP connection?

View More Comments
Justin Walsh2
Justin Walsh June 19, 2013

It's version 6.0.2 running on Windows.

LDAP is running off of a Win 2003 domain controller. The connection syncs and tests without issue: http://i.imgur.com/bqbX8se.png

Thanks for taking your time to respond.

Like
Reply
1 vote
J. Caldwell
J. Caldwell
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 19, 2013

Have you looked into the security logs for Jira? If not, I would recommend doing so. If you odn't see it, you should be able to turn up the logging level in the application (assuming recent jira version) to get the security log to generate. Then duplicate the issue and check the log. Absent an error message it's hard to say.

Also...is your admin account an internal to the app account, or not?

View More Comments
Justin Walsh2
Justin Walsh June 19, 2013

I spent a good while searching over the security logs and testing various things. The problem is, there doesn't seem to be any exceptions... it's just not creating a session.

This is suddenly much less urgent, however, as I've realized if I chose "remember me" when logging in, the issue goes away.

Here is a diff of SQL logs - left is without "remember me" the right is with. http://www.diffchecker.com/0r2gkiab

It seems that when logging in without "remember me" selected, the user gets to the dashboard but the session is immediately terminated. I can't find any failing insert or update queries, however, so I'm struggling to make sense of it.

The admin account is an internal JIRA account.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events