some users cant log in - windows pop up

Hi all,

Some users can not log into JIRA. After they enter a URL, they see the windows pop up where they enter the credentials for the JIRA server. Credentials will not work and after x attempts they get message http 401. This applies to several dozen users who have the same settings as the others, which it is okay. Security policies are set globally. If the affected users try to log on station, where a log-worked, their logging are without any problems.

2 answers

1 accepted

0 votes
Accepted answer

Solved - I turned off ntlm auth. and now is OK. Problem was with licencing, thanks

0 votes

You say "the windows popup" - do you mean you are getting a popup from the browser, or literally a windows login popup? (If it's an application popup, then how have you done that? Jira doesn't pop up a window for login, it goes to a login screen, so Im a bit confused by that)

its a windows login popup and this popup shows before JIRA login page

Ok, if you're seeing a windows login, that's probably caused by your network - your users open the browser, try to go to Jira and the network doesn't think they're logged in. So they need to enter their windows/network login into it, not Jira.

I'm afraid that's a networking problem, not Jira. Unless you're using some form of directory integration and SSO - is that the case?

I think it could be a problem verifying the Tomcat. I tried to use the affected user profile on my workstation and popup appeared again. When the user enters their credentials, so it will not work, but when I enter my data, so I get to JIRA.

we using ntlm auth.

Sorry, how have you hooked NTLM into Jira?

I do not know exactly what you mean? Do you want to insert the contents of web.xml and seraph.xml?

Well, not the details, just explain how you've hooked it up and how Jira talks to your user listing (I'm guessing that's Active Directory?)

yes Active Directory on port 389

Ok, then you probably need to read the AD logs to find out why their logins are failing.

But it might be worth posting the AD configuration in Jira here for us to sanity check it (it's probably fine, as you do have people who can get in, but it's still useful background for us to see while we epxlore the AD logs)

i checked AD logs, but no errors or similar events for this day

I'm afraid you need to turn the logging up on AD then.

The problem here is that your network doesn't believe your user is logged in, and then it's refusing to accept whatever they're typing in when the box pops up. This is entirely down to AD and your network, they're not even reaching Jira when this is happening.

hmm, now after restarting Tomcat impaired users already get without a problem, I do not know whether to appear other users on Monday. Do you have any idea what it could be?

Hmm. The last time I saw that happen, it was broken AD. Stopping Tomcat fixed it because whatever was broken started getting "not found" from Tomcat instead of the authentication stuff, so it cleared some form of cache. But it might be a cache in Tomcat for you, or something else.

It's pretty much impossible to diagnose this without tracing what is going on when a user tries to authenticate via AD, which means you need to log it in AD.

Today we have the same problem with different users, I found in ntlm-auth.log

This may be the cause?

HttpSecurityService: Authentication failed: NETLOGON failure

2014-05-05 08:50:22: Jespa license.key: SN2151120131022|0|0|1389331860|Jespa 60 Day Trial Licensing Key||||||

2014-05-05 08:50:22: Jespa code-source: /D:/jira-612/atlassian-jira/WEB-INF/lib/jespa-1.1.19.jar

2014-05-05 08:50:22: HttpSecurityService: IP: USER successfully authenticated

2014-05-05 08:50:28: Jespa license.key 25 user limit exceeded

is there any easy way to turn off ntlm auth?

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 27, 2018 in Portfolio for Jira

Introducing a new planning experience in Portfolio for Jira (Server/DC)

In the past, Portfolio for Jira required a high degree of detail–foresight that was unrealistic for many businesses to   have–in   order to produce a reliable long-term roadmap. We're tur...

2,874 views 19 22
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you