Bitbucket Server displays 404 j_bitbucket_security_check after User Directory modifications
プラットフォームについて: Server および Data Center のみ。この記事は、Server および Data Center プラットフォームのアトラシアン製品にのみ適用されます。
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Fisheye および Crucible は除く
問題
After making changes to User Directories in Bitbucket Server users are not able to log in anymore.
The following page is shown after trying to log in:
/j_bitbucket_security_check
Use the links at the top to get back.The following appears in the atlassian-bitbucket.log
2015-08-13 17:06:56,498 WARN [http-nio-7990-exec-3] @1TI7KIHx1026x23x0 127.0.0.1 "POST /j_bitbucket_security_check HTTP/1.1" c.a.s.i.s.s.PluginAuthenticationProvider Authenticator 'com.atlassian.bitbucket.bitbucket-auth-crowd-sso:crowdSsoAuthHandler' threw an exception
java.lang.NullPointerException: null
at com.atlassian.bitbucket.internal.crowd.HibernateApplicationDao.initialize(HibernateApplicationDao.java:67) ~[bitbucket-dao-impl-3.11.1.jar:na]
at com.atlassian.bitbucket.internal.crowd.HibernateApplicationDao.findByName(HibernateApplicationDao.java:39) ~[bitbucket-dao-impl-3.11.1.jar:na]
at com.atlassian.bitbucket.internal.crowd.HibernateApplicationDao.findByName(HibernateApplicationDao.java:25) ~[bitbucket-dao-impl-3.11.1.jar:na]
at com.atlassian.bitbucket.internal.crowd.MemoizingApplicationFactory.getApplication(MemoizingApplicationFactory.java:36) ~[bitbucket-service-impl-3.11.1.jar:na]
at com.atlassian.crowd.embedded.core.CrowdServiceImpl.getApplication(CrowdServiceImpl.java:891) ~[embedded-crowd-core-2.8.4-m1.jar:na]
at com.atlassian.crowd.embedded.core.CrowdServiceImpl.getUserWithAttributes(CrowdServiceImpl.java:104) ~[embedded-crowd-core-2.8.4-m1.jar:na]
at com.atlassian.bitbucket.internal.crowd.RiotPolice.findUserWithAttributes(RiotPolice.java:419) ~[bitbucket-service-impl-3.11.1.jar:na]
at com.atlassian.bitbucket.internal.auth.DefaultCaptchaService.checkCaptcha(DefaultCaptchaService.java:93) ~[bitbucket-service-impl-3.11.1.jar:na]
at com.atlassian.bitbucket.internal.spring.security.PluginAuthenticationProvider.attemptAuthentication(PluginAuthenticationProvider.java:117) [PluginAuthenticationProvider.class:na]
at com.atlassian.bitbucket.internal.spring.security.PluginAuthenticationProvider.authenticate(PluginAuthenticationProvider.java:61) [PluginAuthenticationProvider.class:na]
at com.atlassian.bitbucket.internal.spring.security.Bitbucket ServerAuthenticationFilter.doFilter(Bitbucket ServerAuthenticationFilter.java:102) [Bitbucket ServerAuthenticationFilter.class:na]
at com.atlassian.bitbucket.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:109) [BeforeLoginPluginAuthenticationFilter.class:na]
at com.atlassian.bitbucket.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [BeforeLoginPluginAuthenticationFilter.class:na]
at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:103) [atlassian-trusted-apps-core-4.0.0.jar:na]
at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:79) [atlassian-oauth-service-provider-plugin-1.9.10_1432245188000.jar:na]
at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:36) [analytics-client-3.70.1_1436161608000.jar:na]
at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) [analytics-client-3.70.1_1436161608000.jar:na]
at com.atlassian.bitbucket.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:87) [BeforeLoginPluginAuthenticationFilter.class:na]
at com.atlassian.bitbucket.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:73) [BeforeLoginPluginAuthenticationFilter.class:na]
at com.atlassian.bitbucket.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:85) [bitbucket-service-impl-3.11.1.jar:na]
at com.atlassian.bitbucket.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:38) [ConfigurableWebFilter.class:na]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_45]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_45]
... 166 frames trimmed診断
Diagnostic Steps
Analyse the content of CWD_APP_DIR_MAPPING table in the database:
SELECT * FROM cwd_app_dir_mapping;There are three possible scenarios that cause the error to occur:
Non-unique values in LIST_INDEX column
Non-consecutive values in LIST_INDEX column
Values in LIST_INDEX column consecutive but not starting from 0
原因
Modifications in User Directories could leave the Bitbucket Server database in an inconsistent state. As a result, when users try to authenticate and the CWD_APP_DIR_MAPPING table is examined to identify the directory the user belongs to, it throws the error above.
回避策
Change the values of LIST_INDEX column in CWD_APP_DIR_MAPPING to make them consecutive and starting from 0 solves the problem.
The query provided is just an example and is referred only to case 1. Please change the values of LIST_INDEX and ID in the query accordingly to the case you are experiencing and to the actual values in the database table.
データベースの変更を行う場合は必ず事前にバックアップを取得してください。可能な場合は、まずステージング サーバーで SQL コマンドの変更、挿入、更新、または削除を行うようにします。
UPDATE cwd_app_dir_mapping SET list_index=0 WHERE id=65537