Unable to login to Confluence with the error message "Cannot call sendRedirect() after the response has been committed"
プラットフォームについて: Server と Data Center のみ - この記事は、サーバーおよびデータセンター プラットフォームのアトラシアン製品にのみ適用されます。
Some users are unable to login into Confluence (standalone server) with the following error message seen in the UI:
Oops - an error has occurred System Error Cause java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed at org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:494) Stack Trace:[hide] java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed
The following appears in the atlassian-confluence.log
SAMLResponse : PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbDJwOlJlc3BvbnNlIHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9jb25mbHVlbmNlLnNpbGFicy5jb20vL2luZGV4LmFjdGlvbiIgSUQ9ImlkM ... Uw6Mi4wOmFzc2VydGlvbiI+PHNhbWwyOkF1dGhuQ29udGV4dD48c2FtbDI6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmRQcm90ZWN0ZWRUcmFuc3BvcnQ8L3NhbWwyOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDI6QXV0aG5Db250ZXh0Pjwvc2FtbDI6QXV0aG5TdGF0ZW1lbnQ+PC9zYW1sMjpBc3NlcnRpb24+PC9zYW1sMnA6UmVzcG9uc2U+ RelayState : https://myconfluence.com/pages/viewpage.action?spaceKey=AAA&title=Setup caused by: java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed at org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:494)
You are using SAML/OKTA with Confluence standalone.
According to the above traces, there's something wrong with SAML/OKTA code that is generating the error. The problem is related to the doForward() and to the sendRedirect() methods.
More details about both methods and we found the following external threads:
- java - how to fix Cannot call sendRedirect() after the response has been committed? - Stack Overflow
- servlets - java.lang.IllegalStateException: Cannot (forward - sendRedirect - create session) after response has been committed - Stack Overflow
Check, and update the version of your OKTA connector plugin.
Disable the OKTA/SAML SSO and use only the default Confluence authenticator
- Disable any third-party plugins installed that enabled OKTA/SAML SSO connection with Confluence.
- Confluence is configured to achieve SSO through the file seraph-config.xml located in the <confluence_install>/confluence/WEB-INF/classes/seraph-config.xml. Ensure that has the the default Confluence authenticator enabled and OKTA/SAML SSO authenticator disabled:
<!-- The default Confluence authenticator is uncommented (enabled) --> <authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/>
Install Crowd and use Crowd SSO instead. More information can be viewed here:
OKTA and SAML SSO are currently not supported by Atlassian (Atlassian Support Offerings) . Contact OKTA support or the vendor of your OKTA connector plugin to notify about this issue.