Jira ldap login throws error the first time

I have a Jira instance up and running, version v7.6.1.

I configured open LDAP through delegated LDAP Authentication. 

The first time an unauthenticated and not previously existant into JIRA database logins in, gives an error : "Sorry, an error occurred trying to log you in - please try again."

After that, you type again user and password, and the system lets you log in normally.

I have tried looking around the web to fix this issue but haven't found a solution.

Can you help me out?

1 answer

1 accepted

0 vote

Hi Carlos,

Take a look at your catalina.out and see what the logs say.  You'll most likely see something like the following:

2012-10-15 08:54:14,284 TP-Processor1 ERROR anonymous 534x141x1 1vn84ba [0.0.0.0] /rest/gadget/1.0/login [crowd.manager.application.ApplicationServiceGeneric] Directory 'LDAP Atlassian' is not functional during authentication of '[atlUser]'. Skipped.
2012-10-15 08:54:14,284 TP-Processor1 ERROR anonymous 534x141x1 1vn84ba 172.26.3.20 /rest/gadget/1.0/login [jira.security.login.JiraSeraphAuthenticator] Error occurred while trying to authenticate user '[atlUser]'.

Take a look at the knowledge base article Crowd user authentication fails with 'Directory 'X' is not functional during authentication' error and the guidance it provides:

Cause

This occurs when a OperationFailedException is thrown when attempting to authenticate as a user. This typically is thrown when executing an operation on the remote directory failed for some reason. For example:

  1. General network errors (e.g.: unable to route to the server due to DNS, firewall, slow network speeds)
  2. The external user directory is offline
  3. The external user directory is unreachable
  4. LDAP errors
  5. Intermittent timeouts, which can result in sporadic occurence

Resolution

  1. Double check the external user directory and ensure it is online.
  2. Ping the external user directory using the URL defined in Crowd and ensure Crowd can resolve it. If not, then work with your network team to correct the path. As a temporary measure, the IP address of the server housing the external user directory can be used.
  3. If the issue persists, add the DEBUG log level for the com.atlassian.crowd.manager.application package (see Logging and Profiling for detailed instructions on how to do that), and check the logs for any errors, exceptions or otherwise.
  4. If you're still unable to resolve the problem, contact support with the log folder with increased log levels (from #3) after the issue occurs.
  5. Set the timeout to a large number as per Setting Properties and Options on Startup:

    -Dcom.sun.jndi.ldap.connect.timeout=50000

    (info) More information about the connect timeout can be found in Oracle's Setting Timeout for Ldap Operations documentation.

In addition I would take a look at the Communities post Error when log in with LDAP authentication for more suggestions from users who've experienced this issue and found resolutions.

Cheers,

Branden

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published yesterday in Jira Software

How large do you think Jira Software can grow?

Hi Atlassian Community! My name is Shana, and I’m on the Jira Software team. One of the many reasons this Community exists is to connect you to others on similar product journeys or with comparabl...

194 views 4 8
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you