REST Reponse with 200 OK + No Body + Auth Failure

Paul Marquess December 11, 2014

We are using the JIRA REST interface to interact with a cloud-based JIRA instance. All our applications are using Basic Auth.

Occasionally I'm seeing REST requests fail with HTTP response that looks wrong.

This is what I get

  1. HTTP status is 200
  2. Response Body is empty
  3. Response headers indicate an Authentication failure

Here are some of the relevant headers I'm seeing in the HTTP Response

 HTTP/1.1 200 OK
 Connection: close
 Content-Length: 0
 Content-Type: text/html;charset=UTF-8
 X-AREQUESTID: 105x142124x1
 X-ASEN: SEN-2839797
 X-Seraph-LoginReason: OUT
 X-Seraph-LoginReason: AUTHENTICATED_FAILED

 

The initial symptom in the application code is a JSON parsing error because the JIRA libraries I've tried all expect a valid JSON document along with the 200 response - the empty document causes a JSON exception. Digging into the problem showed the presence of the strange 200 response.

I've reported this to Atlassian, but this strange behaviour can only be reproduced in our JIRA instance (they suggested I check here to see if anyone else is seeing the same symptoms). I can reproduce the problem to order by repeating the same REST command in a loop - the issue will usually kick in after a few minutes. I've verified that the issue can happen with any of the REST calls we are using (so I can see search, create & add comment & delete all fail with the same error).

Based on discussions with Atlassian, I can work around the issue by retrying the HTTP request, but I would prefer not to have the workaround at all. If there is a bug it would be better to get it fixed.

Anyone seen anything that looks like this? Remember the typical error from the application is likely to be an excepted JSON parsing error.

cheers
Paul

2 answers

1 vote
Paul Marquess January 8, 2015

Yes, I agree that a 200 Ok with an empty body is simply a bug in JIRA, and so do Altassian. Best guess I got was that it may be CPU related.

Ticket was opened with Altassian, but they couldn't reproduce anywhere except in our JIRA instance -- thus this thread to see if there is more evidence of the issue.

The link you posed looks suspiciously like the same thing- namely a 200 response with an empty body. Plus I see the AUTHENTICATED_FAILED message. I'd say you are triggering the same issue.

Does your setup use Basic Auth ? One suggestion I got from Altassian support was to use cookies instead (they consume less resources on the JIRA server it would seem). The problem is the JIRA REST docs state in a number of places that Basic Auth is the recommended method with REST, plus I found other reliability issues when I tried cookies.

Sorin Sbarnea January 9, 2015

Have a look at https://jira.atlassian.com/browse/JRA-41559 - now we have a bug opened.

Paul Marquess January 9, 2015

Thanks - just added a link to my support ticket in your bug report.

1 vote
Sorin Sbarnea January 8, 2015

This is now a known bug https://jira.atlassian.com/browse/JRA-41559 - we should pursuit it there and eventually opening new support tickets and telling support guys to look at this bug. 

I have the same kind of problem while running the unit tests on Python JIRA. It is hard to replicate as it is not consistent but based on the received response this is a huge bug and is failing to respect the basic HTTP standards. Do you have a bug opened with them? 200 means success, what is in the headers is dust in the wind. I suspect that they are doing some kind of caching or content acceleration really wrongly.

Take a look here https://travis-ci.org/pycontribs/jira/jobs/46347208 – do you recognize the issue?

 

Suggest an answer

Log in or Sign up to answer