WebSudo Login Issues With HAProxy
プラットフォームについて: Server および Data Center のみ。この記事は、Server および Data Center プラットフォームのアトラシアン製品にのみ適用されます。
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Fisheye および Crucible は除く
問題
Accessing Admin-related functions require a websudo authentication. With HAProxy in front of Confluence (as a load balancer for the Data Center), this becomes a problem if HAProxy is not configured correctly
診断
環境
- This applies only to HAProxy configurations with Confluence
原因
Indirect flag in the cookie configuration in HAProxy, example:
backend confluence_app
option httplog
option forwardfor
option http-server-close
option httpchk
mode http
balance roundrobin
cookie JSESSIONID prefix indirect nocache
According to https://cbonte.github.io/haproxy-dconv/configuration-1.5.html :
Note: it is highly recommended not to use "indirect" with "prefix", otherwise server cookie updates would not be sent to clients
ソリューション
Remove the indirect flag in the cookie configuration in HAProxy, followed by a restart