Jira ldap login throws error the first time

I have a Jira instance up and running, version v7.6.1.

I configured open LDAP through delegated LDAP Authentication. 

The first time an unauthenticated and not previously existant into JIRA database logins in, gives an error : "Sorry, an error occurred trying to log you in - please try again."

After that, you type again user and password, and the system lets you log in normally.

I have tried looking around the web to fix this issue but haven't found a solution.

Can you help me out?

1 answer

1 accepted

0 votes

Hi Carlos,

Take a look at your catalina.out and see what the logs say.  You'll most likely see something like the following:

2012-10-15 08:54:14,284 TP-Processor1 ERROR anonymous 534x141x1 1vn84ba [0.0.0.0] /rest/gadget/1.0/login [crowd.manager.application.ApplicationServiceGeneric] Directory 'LDAP Atlassian' is not functional during authentication of '[atlUser]'. Skipped.
2012-10-15 08:54:14,284 TP-Processor1 ERROR anonymous 534x141x1 1vn84ba 172.26.3.20 /rest/gadget/1.0/login [jira.security.login.JiraSeraphAuthenticator] Error occurred while trying to authenticate user '[atlUser]'.

Take a look at the knowledge base article Crowd user authentication fails with 'Directory 'X' is not functional during authentication' error and the guidance it provides:

Cause

This occurs when a OperationFailedException is thrown when attempting to authenticate as a user. This typically is thrown when executing an operation on the remote directory failed for some reason. For example:

  1. General network errors (e.g.: unable to route to the server due to DNS, firewall, slow network speeds)
  2. The external user directory is offline
  3. The external user directory is unreachable
  4. LDAP errors
  5. Intermittent timeouts, which can result in sporadic occurence

Resolution

  1. Double check the external user directory and ensure it is online.
  2. Ping the external user directory using the URL defined in Crowd and ensure Crowd can resolve it. If not, then work with your network team to correct the path. As a temporary measure, the IP address of the server housing the external user directory can be used.
  3. If the issue persists, add the DEBUG log level for the com.atlassian.crowd.manager.application package (see Logging and Profiling for detailed instructions on how to do that), and check the logs for any errors, exceptions or otherwise.
  4. If you're still unable to resolve the problem, contact support with the log folder with increased log levels (from #3) after the issue occurs.
  5. Set the timeout to a large number as per Setting Properties and Options on Startup:

    -Dcom.sun.jndi.ldap.connect.timeout=50000

    (info) More information about the connect timeout can be found in Oracle's Setting Timeout for Ldap Operations documentation.

In addition I would take a look at the Communities post Error when log in with LDAP authentication for more suggestions from users who've experienced this issue and found resolutions.

Cheers,

Branden

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

3,145 views 13 19
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot