Problem authenticating Jira with Crowd with customer Authenticator

We would like to use passwordless authentication when authenticating Jira with Crowd. Our project has followed the steps listed here to set up the two applications; the only difference being that we are using our customer authenticator in place of '".

While tailing the Crowd logs and accessing JIRA we can see that the custom authenticator is accessing Crowd. The user being passed to Crowd is set up as having accesing to JIRA inside of the Crowd. Crowd reports that it recognizes the user and that the user has access to JIRA. A problem occurs when Crowd tries to update its database and we see the below errors:

Could not synchronize database state with session: org.hibernate.StaleStateException: Batch update returned unexcepted row count from update [0]; actual row count: 0; expected: 1

java.sql.BatchUpdateException: Duplicate entry 'XXXXXX' for key 'identifier_hash'

I'm simply paraphrasing the stack trace here; the original stacktrace is on a seperate system than I can't transfer over and upload.

The username is set in the HTTPRequest by a Tomcat Filter before reaching the custom Authenticator.

The custom authenticator extends 'com.atlassian.crowd.integration.seraph.v25.CrowdAuthenticator'

Below is the authenticator code:

public class CustomCrowdAuthenticator extends CrowdAuthenticator{

public CustomCrowdAuthenticator(){

public CustomCrowdAuthentictor(CrowdHttpAuthenticator crwodHttpAuthenticator){

public Principal getUser(HttpServletRequest request, HttpServletResponse response){
   Principal user = super.getUser(request,response);
   if(user == null){
     String username = //get user name out of request
     user = getUserFromSession(request);
     catch(AuthenciationException e){
       //log error

   return user;

private boolean passwordlessLogin(HttpServletRequest request, HttpServletResponse response, String username, boolean cookie) throws AuthenticatorException{

  boolean authenticated = false;
authenticated = true;
   }catch(Exception e){
   //log exception

  String fakePassword = authenticated ? CORRECT_PASSWORD : INCORRECT_PASSWORD;

  authenticated = ((DefaultAuthenticator)this).login(request,response,username,fakePassword,cookie);

return authenticated;


2 answers

It should be noted that we are using Jira version 5.0.2 and Crowd version 2.4.1. I was looking inside both of these and noticed that they both use the following jars:




Jira uses version 2.3.6 of these jars, while Crowd uses 2.4.1. Does this pose a problem?

I also noticed the following:

Within firefox I'm seeing the following cookies added when I attempt to login to Jira using the customer authenticator:


Multiple instances of this cookie are inside of my browser (one login attempt produces 35 differnt cookies). Is this the token that is supplied to me by Crowd?

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Jan 08, 2019 in Jira

How to Jira for designers

I’m a designer on the Jira team. For a long time, I’ve fielded questions from other designers about how they should be using Jira Software with their design team. I’ve also heard feedback from other ...

1,186 views 5 10
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you