Stash displays 404 j_stash_security_check after User Directory modifications

プラットフォームについて: Server と Data Center のみ - この記事は、サーバーおよびデータセンター プラットフォームのアトラシアン製品にのみ適用されます。

問題

After making changes to User Directories in Stash users are not able to log-in anymore.

The following page is showed after login attempt:

 

The following appears in the atlassian-stash.log

2015-08-13 17:06:56,498 WARN  [http-nio-7990-exec-3] @1TI7KIHx1026x23x0 127.0.0.1 "POST /j_stash_security_check HTTP/1.1" c.a.s.i.s.s.PluginAuthenticationProvider Authenticator 'com.atlassian.stash.stash-auth-crowd-sso:crowdSsoAuthHandler' threw an exception
java.lang.NullPointerException: null
	at com.atlassian.stash.internal.crowd.HibernateApplicationDao.initialize(HibernateApplicationDao.java:67) ~[stash-dao-impl-3.11.1.jar:na]
	at com.atlassian.stash.internal.crowd.HibernateApplicationDao.findByName(HibernateApplicationDao.java:39) ~[stash-dao-impl-3.11.1.jar:na]
	at com.atlassian.stash.internal.crowd.HibernateApplicationDao.findByName(HibernateApplicationDao.java:25) ~[stash-dao-impl-3.11.1.jar:na]
	at com.atlassian.stash.internal.crowd.MemoizingApplicationFactory.getApplication(MemoizingApplicationFactory.java:36) ~[stash-service-impl-3.11.1.jar:na]
	at com.atlassian.crowd.embedded.core.CrowdServiceImpl.getApplication(CrowdServiceImpl.java:891) ~[embedded-crowd-core-2.8.4-m1.jar:na]
	at com.atlassian.crowd.embedded.core.CrowdServiceImpl.getUserWithAttributes(CrowdServiceImpl.java:104) ~[embedded-crowd-core-2.8.4-m1.jar:na]
	at com.atlassian.stash.internal.crowd.RiotPolice.findUserWithAttributes(RiotPolice.java:419) ~[stash-service-impl-3.11.1.jar:na]
	at com.atlassian.stash.internal.auth.DefaultCaptchaService.checkCaptcha(DefaultCaptchaService.java:93) ~[stash-service-impl-3.11.1.jar:na]
	at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.attemptAuthentication(PluginAuthenticationProvider.java:117) [PluginAuthenticationProvider.class:na]
	at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.authenticate(PluginAuthenticationProvider.java:61) [PluginAuthenticationProvider.class:na]
	at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:102) [StashAuthenticationFilter.class:na]
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:109) [BeforeLoginPluginAuthenticationFilter.class:na]
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [BeforeLoginPluginAuthenticationFilter.class:na]
	at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:103) [atlassian-trusted-apps-core-4.0.0.jar:na]
	at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:79) [atlassian-oauth-service-provider-plugin-1.9.10_1432245188000.jar:na]
	at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:36) [analytics-client-3.70.1_1436161608000.jar:na]
	at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) [analytics-client-3.70.1_1436161608000.jar:na]
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:87) [BeforeLoginPluginAuthenticationFilter.class:na]
	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:73) [BeforeLoginPluginAuthenticationFilter.class:na]
	at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:85) [stash-service-impl-3.11.1.jar:na]
	at com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:38) [ConfigurableWebFilter.class:na]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_45]
	at java.lang.Thread.run(Thread.java:745) [na:1.8.0_45]
	... 166 frames trimmed

診断

診断ステップ

Analyse the content of CWD_APP_DIR_MAPPING table in the database:

SELECT * FROM cwd_app_dir_mapping;

 

There are three possible scenarios where the error is present:

  1. Non-unique values in LIST_INDEX column

    mysql> SELECT * FROM cwd_app_dir_mapping;
    +--------+----------------+--------------+------------+--------------+
    | id     | application_id | directory_id | list_index | is_allow_all |
    +--------+----------------+--------------+------------+--------------+
    |  65537 |              1 |        32769 |          1 | T            |
    | 262145 |              1 |       229377 |          1 | T            |
    | 655361 |              1 |       622593 |          2 | T            |
    +--------+----------------+--------------+------------+--------------+
  2. Non-consecutive values in LIST_INDEX column

    mysql> SELECT * FROM cwd_app_dir_mapping;
    +--------+----------------+--------------+------------+--------------+
    | id     | application_id | directory_id | list_index | is_allow_all |
    +--------+----------------+--------------+------------+--------------+
    |  65537 |              1 |        32769 |          0 | T            |
    | 262145 |              1 |       229377 |          1 | T            |
    | 655361 |              1 |       622593 |          3 | T            |
    +--------+----------------+--------------+------------+--------------+
  3. Values in LIST_INDEX column consecutive but not starting from 0

    mysql> SELECT * FROM cwd_app_dir_mapping;
    +--------+----------------+--------------+------------+--------------+
    | id     | application_id | directory_id | list_index | is_allow_all |
    +--------+----------------+--------------+------------+--------------+
    |  65537 |              1 |        32769 |          1 | T            |
    | 262145 |              1 |       229377 |          2 | T            |
    | 655361 |              1 |       622593 |          3 | T            |
    +--------+----------------+--------------+------------+--------------+

原因

Modifications in User Directories could leave the Stash database in an inconsistent state, so that when users try to authenticate and the CWD_APP_DIR_MAPPING table is examined to spot the directory the user belongs to, it throws the error above.

回避策

Change the values of LIST_INDEX column in CWD_APP_DIR_MAPPING to make them consecutive and starting from 0 solves the problem.

UPDATE cwd_app_dir_mapping SET list_index=0 WHERE id=65537

The query provided is just an example and is referred only to case 1. Please change the values of LIST_INDEX and ID in the query accordingly to the case you are experiencing and to the actual values in the database table.

 

データベースの変更を行う場合は必ず事前にバックアップを取得してください。可能な場合は、まずステージング サーバーで SQL コマンドの変更、挿入、更新、または削除を行うようにします。

Last modified on Mar 30, 2016

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.