Jira LDAP login throws error the first time

CARLOS ALBERTO TERUEL SAEZ December 14, 2017

I have a Jira instance up and running, version v7.6.1.

I configured OpenLDAP through delegated LDAP authentication.

The first time an unauthenticated user who does not already exist in the JIRA database logs in, it gives an error: "Sorry, an error occurred trying to log you in - please try again."

After that, you type the user and password again, and the system lets you log in normally.

I have tried looking around the web to fix this issue but haven't found a solution.

Can you help me out?

1 answer

Answer accepted
somethingblue
Atlassian Team
December 14, 2017

Hi Carlos,

Take a look at your catalina.out and see what the logs say.  You'll most likely see something like the following:

    2012-10-15 08:54:14,284 TP-Processor1 ERROR anonymous 534x141x1 1vn84ba [0.0.0.0] /rest/gadget/1.0/login [crowd.manager.application.ApplicationServiceGeneric] Directory 'LDAP Atlassian' is not functional during authentication of '[atlUser]'. Skipped.
    2012-10-15 08:54:14,284 TP-Processor1 ERROR anonymous 534x141x1 1vn84ba 172.26.3.20 /rest/gadget/1.0/login [jira.security.login.JiraSeraphAuthenticator] Error occurred while trying to authenticate user '[atlUser]'.

Take a look at the knowledge base article "Crowd user authentication fails with 'Directory 'X' is not functional during authentication' error" and the guidance it provides:

Cause

This occurs when an OperationFailedException is thrown when attempting to authenticate as a user. This typically is thrown when executing an operation on the remote directory failed for some reason. For example:

  1. General network errors (e.g.: unable to route to the server due to DNS, firewall, slow network speeds)
  2. The external user directory is offline
  3. The external user directory is unreachable
  4. LDAP errors
  5. Intermittent timeouts, which can result in sporadic occurrence

Resolution

  1. Double check the external user directory and ensure it is online.
  2. Ping the external user directory using the URL defined in Crowd and ensure Crowd can resolve it. If not, then work with your network team to correct the path. As a temporary measure, the IP address of the server housing the external user directory can be used.
  3. If the issue persists, add the DEBUG log level for the com.atlassian.crowd.manager.application package (see Logging and Profiling for detailed instructions on how to do that), and check the logs for any errors, exceptions or otherwise.
  4. If you're still unable to resolve the problem, contact support with the log folder with increased log levels (from #3) after the issue occurs.
  5. Set the timeout to a large number as per Setting Properties and Options on Startup:

    -Dcom.sun.jndi.ldap.connect.timeout=50000

    More information about the connect timeout can be found in Oracle's Setting Timeout for Ldap Operations documentation.

In addition, I would take a look at the Communities post "Error when log in with LDAP authentication" for more suggestions from users who've experienced this issue and found resolutions.

Cheers,

Branden
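
Added example (not part of the original answer and not Atlassian code): a small Python scan for the "is not functional during authentication" message, grouped per directory and hour, so you can tell a sustained directory outage from the sporadic timeouts listed under Cause. It assumes your log lines follow the format quoted in the answer; the function names and the last two sample lines are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# First two lines are the ones quoted in the answer; the last two are
# constructed sample data so the script runs offline.
SAMPLE_LOG = """\
2012-10-15 08:54:14,284 TP-Processor1 ERROR anonymous 534x141x1 1vn84ba [0.0.0.0] /rest/gadget/1.0/login [crowd.manager.application.ApplicationServiceGeneric] Directory 'LDAP Atlassian' is not functional during authentication of '[atlUser]'. Skipped.
2012-10-15 08:54:14,284 TP-Processor1 ERROR anonymous 534x141x1 1vn84ba 172.26.3.20 /rest/gadget/1.0/login [jira.security.login.JiraSeraphAuthenticator] Error occurred while trying to authenticate user '[atlUser]'.
2012-10-15 08:54:20,101 TP-Processor2 INFO anonymous 534x142x1 1vn84ba 172.26.3.20 /rest/gadget/1.0/login [jira.security.login] unrelated line
2012-10-15 09:31:02,910 TP-Processor4 ERROR anonymous 571x150x1 9kd02aa 172.26.3.21 /rest/gadget/1.0/login [crowd.manager.application.ApplicationServiceGeneric] Directory 'LDAP Atlassian' is not functional during authentication of 'exampleUser'. Skipped.
"""

# Matches only the directory-failure message, not the follow-up Seraph error.
FAILURE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\d{3} .*"
    r"Directory '(?P<directory>.+?)' is not functional during "
    r"authentication of '(?P<user>.+?)'\. Skipped\."
)

def directory_failures(log_text):
    """Return one dict per 'not functional' event found in log_text."""
    events = []
    for line in log_text.splitlines():
        m = FAILURE.search(line)
        if m:
            events.append({
                "time": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
                "directory": m["directory"],
                "user": m["user"],
            })
    return events

def failures_per_hour(events):
    """Count events per (directory, hour); isolated hits suggest timeouts."""
    return Counter(
        (e["directory"], e["time"].strftime("%Y-%m-%d %H:00")) for e in events
    )

if __name__ == "__main__":
    counts = failures_per_hour(directory_failures(SAMPLE_LOG))
    for (directory, hour), n in sorted(counts.items()):
        print(f"{hour}  {directory!r}: {n} failed authentication(s)")
```

To run it against a real log, pass the contents of your catalina.out to `directory_failures` instead of `SAMPLE_LOG`.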
