JIRA User From LDAP Has Passed Authentication, but can't Login (Special Character In Username)

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

問題

User can not have successful log in at Log-In page, but when you refer to atlassian-jira-security.log you can sport the following log.

2015-02-16 09:23:56,213 http-bio-80-exec-14281 przemyslaw.smietana 563x2049858x1 bwnlqt XXX.XXX.XXX.XXX /rest/gadget/1.0/login The user 'przemyslaw.smietana' has PASSED authentication.

This is while you will have the below authentication issue immediately after that:

2015-02-16 09:24:02,942 http-bio-80-exec-14270 anonymous 564x2049880x1 1hdetk6 XXX.XXX.XXX.XXX /rest/gadget/1.0/login login : 'przemyslaw.smietana' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
2015-02-16 09:24:02,942 http-bio-80-exec-14270 anonymous 564x2049880x1 1hdetk6 XXX.XXX.XXX.XXX /rest/gadget/1.0/login The user 'przemyslaw.smietana' has FAILED authentication.  Failure count equals 1

 

診断

環境

  • LDAP and external user directory

診断ステップ

In order to check the username in different tables we can run the following queries:

select * from cwd_user where user_name= 'przemyslaw.smietana';
select * from app_user where lower_user_name = 'przemyslaw.smietana';
select * from cwd_membership where child_name = 'przemyslaw.smietana';
select * from cwd_user_attributes where user_id= (select id from cwd_user where user_name= 'przemyslaw.smietana');

原因

As it can be seen by running the query on the app_user table which is a table to map external directory with other JIRA tables. There is a special character in username ś which prevents us to have successful authentication in JIRA but as external directory supports special characters we have successful log in at the logs too.

回避策

  • To rename the username and make sure there is no special character in it

  • To update lower_user_name entry in the database
最終更新日: 2016 年 2 月 26 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.