Unable to log in to Crowd while authentication to the connected applications is fine
問題
All of sudden, user is unable to login to Crowd Console. However, user can login to the applications that use Crowd for authentication without any problem.
atlassian-crowd.log
に次のメッセージが出力される。
2015-03-09 08:12:56,131 http-8095-2 ERROR [crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter] Unable to unset Crowd SSO token
org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Couldn't send message.
org.codehaus.xfire.fault.XFireFault: Couldn't send message.
at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:30)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at $Proxy139.authenticateApplication(Unknown Source)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.authenticate(SecurityServerClientImpl.java:229)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.getSoapApplicationToken(SecurityServerClientImpl.java:214)
at com.atlassian.crowd.service.soap.client.SecurityServerClientImpl.invalidateToken(SecurityServerClientImpl.java:325)
at com.atlassian.crowd.service.cache.CacheAwareAuthenticationManager.invalidate(CacheAwareAuthenticationManager.java:96)
at com.atlassian.crowd.integration.http.HttpAuthenticatorImpl.logoff(HttpAuthenticatorImpl.java:289)
at com.atlassian.crowd.integration.springsecurity.CrowdSSOAuthenticationProcessingFilter.onUnsuccessfulAuthentication(CrowdSSOAuthenticationProcessingFilter.java:242)
...
Caused by: org.codehaus.xfire.XFireException: Couldn't send message.
at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:145)
at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)
at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)
... 75 more
Caused by: java.net.ConnectException: Connection timed out: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:529)
at java.net.Socket.connect(Socket.java:478)
at java.net.Socket.<init>(Socket.java:375)
at java.net.Socket.<init>(Socket.java:249)
at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80)
at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.codehaus.xfire.transport.http.CommonsHttpMessageSender.send(CommonsHttpMessageSender.java:369)
at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:123)
... 77 more
診断
環境
- Crowd SSO is enabled
原因
- The Crowd server's IP address has changed or the domain name in
crowd.properties
is incorrect. - An expired Crowd SSL certificate can also generate similar warnings along with other SSL specific details such as PKIX errors.
ソリューション 1
- Modify the crowd.server.url property in
<crowd-home-directory>/crowd.properties
file to have the correct IP address or domain name for Crowd - If the issue persists, contact Atlassian Support at https://support.atlassian.com/ja/
ソリューション 2
- Confirm your Crowd SSL certificate expiry date and update accordingly with the following article https://confluence.atlassian.com/crowd/configuring-crowd-to-work-with-ssl-151520306.html
最終更新日: 2023 年 1 月 4 日
Powered by Confluence and Scroll Viewport.