Bitbucket Server throws 500 error when attempting to edit an External User Directory
症状
Issue #1:
atlassian-bitbucket.log
に次のメッセージが表示される。
2014-10-09 20:18:39,108 ERROR [http-nio-7990-exec-4] bitbucket @481MASx1218x229x0 18jc2n0 10.1.4.88,127.0.0.1 "GET /plugins/servlet/embedded-crowd/configure/ldap/ HTTP/1.0" c.a.p.s.ServletModuleContainerServlet Request processing failed; nested exception is com.atlassian.crowd.exception.DirectoryNotFoundException: java.lang.NumberFormatException: For input string: "229377?xsrfTokenName=atl_token"
org.springframework.web.util.NestedServletException: Request processing failed; nested exception is com.atlassian.crowd.exception.DirectoryNotFoundException: java.lang.NumberFormatException: For input string: "229377?xsrfTokenName=atl_token"
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:583) ~[FrameworkServlet.class:4.0.6.RELEASE]
at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:25) [applinks-plugin-4.2.4_1408604932000.jar:na]
at com.atlassian.bitbucket.internal.spring.security.Bitbucket ServerAuthenticationFilter.doFilter(Bitbucket ServerAuthenticationFilter.java:86) [Bitbucket ServerAuthenticationFilter.class:na]
...
Caused by: com.atlassian.crowd.exception.DirectoryNotFoundException: java.lang.NumberFormatException: For input string: "229377?xsrfTokenName=atl_token"
at com.atlassian.crowd.embedded.admin.DirectoryContextHelper.getDirectory(DirectoryContextHelper.java:80) ~[na:na]
...
Caused by: java.lang.NumberFormatException: For input string: "229377?xsrfTokenName=atl_token"
at java.lang.NumberFormatException.forInputString(Unknown Source) ~[na:1.7.0_55]
at java.lang.Long.parseLong(Unknown Source) ~[na:1.7.0_55]
...
2014-10-09 20:18:39,115 ERROR [http-nio-7990-exec-4] @481MASx1218x230x0 18jc2n0 10.1.4.88,127.0.0.1 "GET /mvc/error500 HTTP/1.0" c.a.s.i.web.ErrorPageController There was an unhandled error loading [/plugins/servlet/embedded-crowd/configure/ldap/]
Issue #2:
atlassian-stash.log
に次のメッセージが表示される。
2015-10-28 16:02:39,371 ERROR [http-nio-7990-exec-10] pathloth @HKPJ0Ix962x5475x0 5eyggl 9.66.78.78 "GET /plugins/servlet/embedded-crowd/configure/delegatingldap/ HTTP/1.1" c.a.p.s.ServletModuleContainerServlet Request processing failed; nested exception is org.springframework.beans.FatalBeanException: Could not copy properties from source to target; nested exception is java.lang.reflect.InvocationTargetException
org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.beans.FatalBeanException: Could not copy properties from source to target; nested exception is java.lang.reflect.InvocationTargetException
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:583) ~[spring-webmvc-4.1.4.RELEASE.jar:4.1.4.RELEASE]
at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:25) [applinks-plugin-4.3.5_1413940846000.jar:na]
at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:181) [sitemesh-2.5-atlassian-10.jar:na]
at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:85) [sitemesh-2.5-atlassian-10.jar:na]
at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:86) [StashAuthenticationFilter.class:na]
at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:111) [BeforeLoginPluginAuthenticationFilter.class:na]
at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:77) [BeforeLoginPluginAuthenticationFilter.class:na]
at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100) [atlassian-trusted-apps-core-3.0.8.jar:na]
at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:79) [atlassian-oauth-service-provider-plugin-1.9.10_1420780786000.jar:na]
at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:32) [analytics-client-3.56_1421929636000.jar:na]
at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) [analytics-client-3.56_1421929636000.jar:na]
at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:89) [BeforeLoginPluginAuthenticationFilter.class:na]
at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [BeforeLoginPluginAuthenticationFilter.class:na]
at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:82) [stash-service-impl-3.7.0.jar:na]
at com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:38) [ConfigurableWebFilter.class:na]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_85]
at java.lang.Thread.run(Thread.java:745) [na:1.7.0_85]
... 181 frames trimmed
Caused by: org.springframework.beans.FatalBeanException: Could not copy properties from source to target; nested exception is java.lang.reflect.InvocationTargetException
at org.springframework.beans.BeanUtils.copyProperties(BeanUtils.java:591) ~[spring-beans-4.1.4.RELEASE.jar:4.1.4.RELEASE]
at org.springframework.beans.BeanUtils.copyProperties(BeanUtils.java:500) ~[spring-beans-4.1.4.RELEASE.jar:4.1.4.RELEASE]
at com.atlassian.crowd.embedded.admin.DefaultDirectoryMapper.toDelegatingLdapConfiguration(DefaultDirectoryMapper.java:194) ~[na:na]
at com.atlassian.crowd.embedded.admin.delegatingldap.DelegatingLdapConfigurationController.formBackingObject(DelegatingLdapConfigurationController.java:44) ~[na:na]
... 17 common frames omitted
Caused by: java.lang.reflect.InvocationTargetException: null
at sun.reflect.GeneratedMethodAccessor1076.invoke(Unknown Source) ~[na:na]
at org.springframework.beans.BeanUtils.copyProperties(BeanUtils.java:588) ~[spring-beans-4.1.4.RELEASE.jar:4.1.4.RELEASE]
... 20 common frames omitted
Caused by: java.lang.NumberFormatException: For input string: "//bluepages.ibm.comyour.domain:636"
at java.lang.NumberFormatException.forInputString(NumberFormatException.java:65) ~[na:1.7.0_85]
at java.lang.Integer.parseInt(Integer.java:481) ~[na:1.7.0_85]
at java.lang.Integer.parseInt(Integer.java:527) ~[na:1.7.0_85]
at com.atlassian.crowd.embedded.admin.delegatingldap.DelegatingLdapDirectoryConfiguration.setLdapUrl(DelegatingLdapDirectoryConfiguration.java:150) ~[na:na]
... 21 common frames omitted
2015-10-28 16:02:39,376 ERROR [http-nio-7990-exec-10] @HKPJ0Ix962x5476x0 5eyggl 9.66.78.78 "GET /mvc/error500 HTTP/1.1" c.a.s.i.web.ErrorPageController There was an unhandled error loading [/stash/plugins/servlet/embedded-crowd/configure/delegatingldap/]
診断
Issue #1:
Check if your Bitbucket Server instance is requesting an incorrect URL:
In this specific example, the URL being requested was:
10.1.4.88,127.0.0.1 | http | i@481MASx205x481x0 | - | 2014-10-10 03:25:56,937 | "GET /rest/menu/latest/appswitcher HTTP/1.0" | "https://bitbucket.domain.com/plugins/servlet/embedded-crowd/configure/ldap/?xsrfTokenName=atl_token&xsrfTokenValue=d4f9ca1760160116cef56a9b4097d276fbe41f59&directoryId=229377?xsrfTokenName=atl_token&xsrfTokenValue=d4f9ca1760160116cef56a9b4097d276fbe41f59&directoryId=229377" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36" | - | - | e50ljz |
However, the URL should have been like:
https://bitbucket.domain.com/plugins/servlet/embedded-crowd/configure/ldap/?xsrfTokenName=atl_token&xsrfTokenValue=d4f9ca1760160116cef56a9b4097d276fbe41f59&directoryId=229377
A good way to analyse what is causing that is by executing the procedure below:
Something is changing the URL. See example of a request like that in a HAR:
- Test the caching in your browser and clear it.
- Try to edit the directory as an incognito window in your browser as well.
Issue #2:
Looking at your current configuration in SupportZip/application-properties/application.xml, you can see the LDAP address incorrectly updated:
<directory>
<id>229377</id>
...
... ldap.url=ldaps://ldaps://yourdomain.com:636 ....
</directory>
原因
Issue #1:
A proxy could be tampering with the URL when you click edit.
Issue #2:
The cwd_directory_attribute
has been updated with an invalid value and the Embedded Crowd fails when you try to edit it.
ソリューション
Issue #1:
- Check for what is changing the URL being requested to Bitbucket Server and bypass the proxy.
Issue #2:
The cwd_directory_attribute
has been updated with an invalid value and the Embedded Crowd fails when you try to edit it. In order to fix that:
Check that this parameter is incorrect on the database:
select * from cwd_directory_attribute WHERE attribute_name='ldap.url';
At this point, we're expecting that the attribute_name is incorrect and set as ldaps://ldaps//your.domain.com:636
- The next step is to update the incorrect value:
- Stop your Stash instance;
Update the value correctly. Notice that the
directory_id
value below was also obtained from the SupportZip/application-properties/application.xml file:UPDATE cwd_directory_attribute SET attribute_value='ldaps://your.domain.com:636' WHERE directory_id=229378 and attribute_name='ldap.url';
- Restart your instance. That should enable you to edit the directory again.