Users unable to log in using SSO
プラットフォームについて: Server および Data Center のみ。この記事は、Server および Data Center プラットフォームのアトラシアン製品にのみ適用されます。
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Fisheye および Crucible は除く
要約
Users are unable to log in using SSO. This could be happening after an upgrade of Jira
診断
- Users are unable to log in using SSO
The below error is seen in the logs during log in attempt
2022-05-12 15:59:12,612+0200 http-nio-8080-exec-22 WARN anonymous 123x4567x8 1a23b4c 10.11.12.13,127.0.0.1 /plugins/servlet/samlconsumer [c.a.p.a.i.web.saml.SamlConsumerServlet] Received an invalid SamlResponse: com.atlassian.plugins.authentication.impl.web.saml.provider.InvalidSamlResponse: Received invalid SAML response: Signature validation failed. SAML Response rejected 2022-05-12 15:59:12,612+0200 http-nio-8080-exec-22 ERROR anonymous 123x4567x8 1a23b4c 10.11.12.13,127.0.0.1 /plugins/servlet/samlconsumer [c.a.p.a.i.web.filter.ErrorHandlingFilter] Received invalid SAML response: Signature validation failed. SAML Response rejected com.atlassian.plugins.authentication.impl.web.saml.provider.InvalidSamlResponse: Received invalid SAML response: Signature validation failed. SAML Response rejected at com.atlassian.plugins.authentication.impl.web.saml.provider.impl.OneloginJavaSamlProvider.lambda$extractSamlResponse$1(OneloginJavaSamlProvider.java:91) at com.atlassian.plugin.util.ContextClassLoaderSwitchingUtil.runInContext(ContextClassLoaderSwitchingUtil.java:48) at com.atlassian.plugins.authentication.impl.web.saml.provider.impl.OneloginJavaSamlProvider.extractSamlResponse(OneloginJavaSamlProvider.java:82) at com.atlassian.plugins.authentication.impl.web.saml.SamlConsumerServlet.doPost(SamlConsumerServlet.java:94) ...
- This could be happening immediately after upgrade. Before upgrade (or upon roll back), users are able to log in without issues
- Verified that the certificate is correct
- Re-creating the SSO configuration also does not help
原因
Caused by character encoding issue
ソリューション
- Jira を停止します。
Add the 2 properties below as per Setting properties and options on startup
-Dfile.encoding=UTF-8 -Djavax.servlet.request.encoding=UTF8
Jira を再起動します。
最終更新日 2022 年 5 月 23 日
Powered by Confluence and Scroll Viewport.