Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

User is still being logged in automatically on Jira

Jael Busuttil
Jael Busuttil August 20, 2019

I am currently facing an issue in which a particular user (still active in JIRA) who used to be a JIRA admin but terminated employment in May 2019, is somehow still being logged in between once to twice a week automatically, even though his AD password expired in July. 

I have checked if this jira admin has scripts running under his name or post functions through the script registry, however nothing was found. As well as the logs in JIRA for any user activity and the logs show as follows: 

Security log: 2019-08-07 13:31:55,404 http-nio-8080-exec-4527 <username> 811x5140428x2 12di4n0 <Jira node IP>, <Jira node IP> /sr/jira.issueviews:searchrequest-xml/temp/SearchRequest.xml HttpSession [12di4n0] destroyed for '<username>'

Access log: <Jira node IP> o716x753862x3 <username> [14/Aug/2019:11:56:00 +0200] "GET https://<hostname>/sr/jira.issueviews:searchrequest-xml/temp/SearchRequest.xml HTTP/1.0" 200 1677 0.0620 - "Apache-HttpClient/4.5.5 (Java/1.8.0_202)" "szlg9k"

 

I do not wish to delete the user, as this is not the first encounter of such issue, and deleting the user will solve the issue, however will not explain the root cause of this. Also, if something underlying is running under his name, it will create another problem.

Any ideas of what can I check further to find out the cause please? Thank you.

 

Answer
Watch
Like # people like this
765 views

1 answer

0 votes
Sreenivasaraju P
Sreenivasaraju P
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 20, 2019

Hi @Jael Busuttil ,

This is xml search request URL. 

One possibility from my side,  you have integrated any other system (like confluence) and wrote custom code. Please check.

jiraIssuesManager.retrieveXMLAsChannel method can be one possibility

Other one, from some other system it is trying get the request details and it is using his credentials. 

View More Comments
Jael Busuttil
Jael Busuttil August 23, 2019

Hi @Sreenivasaraju P , firstly wanted to thank you for your response, and thanks to your insight, I have found out that this login in JIRA is being triggered through confluence. 

This is due to using the built in script "switch to different user" and when accessing the JIRA filter - accessing an issue in JIRA from Confluence. It then asks for any credentials, the login for this user is refreshed once again in JIRA.

Also, there was no custom codes under his name, or which he has worked on in neither JIRA nor Confluence. 

If you have any other insight, I would highly appreciate it as I have found out as to where is being logged but still have not found the root cause.

Thank you. 

Like David Drinnan likes this
Jael Busuttil
Jael Busuttil August 29, 2019

Hi @Sreenivasaraju P 

Just a small update within this regard, I have revoked access on confluence, it is called the: "OAuth Access Tokens". 

Basically it is enabled per individual within their profile, so to revoke it, I had to use the built script "switch to different user" and revoke access.

If I understood correctly this token authenticates the user to communicate with JIRA (i.e links) from Confluence.

More information in the below link:

https://confluence.atlassian.com/jiracorecloud/allowing-oauth-access-781387238.html

This was done last Friday (23.08.2019) and on Jira it was yet again recorded that the user's last login was last Tuesday (27.08.2019). Any ideas please?

Thank you.

Like David Drinnan likes this
Gaj Umapathy
Gaj Umapathy April 19, 2022

Did you get a solution for this?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events