Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Why does user login fail when running "test" on a user directory succeeds?

Chad Barnes1
Chad Barnes
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 18, 2012

We have JIRA connected to Crowd. Our Crowd directory contains all of our users, and is working fine. However, I need to change the configuration of the directory and that can only be done if I am logged in via a different directory. So, I enabled the JIRA internal directory.

  1. Enabled internal directory
  2. Created user with unique name "jiraadmin"
  3. Added user to new group "internal-admins"
  4. Added group to "JIRA Users" and "JIRA System Administrators" permissions
  5. Clicked "Test" on the internal directory and confirmed all "success" messages for jiraadmin
  6. Tried logging in with jiraadmin - FAIL

2012-01-19 13:15:47,878 http-8080-7 anonymous 795x360x2 j7tfjy 131.198.224.155,198.151.224.26 /rest/gadget/1.0/login login : 'jiraadmin' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.

2012-01-19 13:15:47,905 http-8080-7 anonymous 795x360x2 j7tfjy 131.198.224.155,198.151.224.26 /rest/gadget/1.0/login The user ' jiraadmin ' has FAILED authentication. Failure count equals 11

I also tried the above steps with a new crowd directory. Same results. Test indicated success but actual login attempts failed. Only our one Crowd directory works.

Any thoughts on why unique users in the internal JIRA directory cannot log in?

Answer
Watch
Like Be the first to like this
1456 views

4 answers

1 accepted

3 votes
Answer accepted
Chad Barnes1
Chad Barnes
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 19, 2012

This behavior is due to our use of the SSO authenticator. The following warning was a clue, but does not entirely characterize the limitation:

It is possible to define multiple user directories in JIRA. However, if you enable SSO integration, you will only be able to authenticate as users from the Crowd server defined in the crowd.properties file.

More specifically, you will only be able to authenticate as users from the Crowd application defined in crowd.properties.

Therefore, when using SSO, you may only use a single directory as your JIRA authentication source.

View More Comments
Jeremy Largman
Jeremy Largman
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 22, 2012

Thanks for posting your own answer Chad.

Like
Paul Boyum
Paul Boyum February 27, 2012

I ran into this same scenario with Confluence, thanks!

Like
meena radhakris
meena radhakrishnan
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 14, 2012

What is the syntax for listing the JIRA local users in crowd.properties?

I only see application.name and application.password being listed in the document.

thanks

Like
Reply
1 vote
meena radhakris
meena radhakrishnan
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 16, 2012

I ended up creating a new Crowd Directory in JIRA with the desired configuration changes and disabled the previous Crowd directory and that did the trick.

Reply
0 votes
Chad Barnes1
Chad Barnes
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 18, 2012

Confirmed. No user named "jiraadmin" exists in any directory in crowd. Also, the internal JIRA directory is first in the list.

Reply
0 votes
Colin Goudie
Colin Goudie
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 18, 2012

Can you confirm you DON'T have a jiradmin user in your crowd directory? and make sure your internal directory is first in the list.

Seems weird though, on first reading, sounds like you got everything

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events