A mutative operation was attempted on RememberMeTokenImpl
Symptoms
The following stack trace appears to the user in the UI when trying to login:
Stack Trace:
java.lang.IllegalStateException: XSRF: A mutative operation was attempted on RememberMeTokenImpl within a non-mutative HTTP request: https://<bambooURL>/allPlans.action : [null]->
->[[username, timestamp, cookie]]
at com.atlassian.bamboo.utils.XsrfUtils.fail(XsrfUtils.java:32)
at com.atlassian.bamboo.hibernate.ReadOnlyGetMethodEnforcer.fail(ReadOnlyGetMethodEnforcer.java:74)
at com.atlassian.bamboo.hibernate.ReadOnlyGetMethodEnforcer.failIfStateMutationNotAllowed(ReadOnlyGetMethodEnforcer.java:64)
at com.atlassian.bamboo.hibernate.ReadOnlyGetMethodEnforcer.onDelete(ReadOnlyGetMethodEnforcer.java:56)
at org.springframework.orm.hibernate.support.ChainedInterceptorSupport.onDelete(ChainedInterceptorSupport.java:131)
...
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1008)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1686)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)Diagnosis
This error happens after user have made changes to the crowd configuration in Bamboo and saved.
The following error can be seen from the logs right after user save the configuration:
2015-02-17 10:47:06,280 ERROR [http-nio-443-exec-12] [FiveOhOh] 500 Exception was thrown.
java.lang.IllegalStateException: Connection factory has been shutdown.
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:456)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:394)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:152)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.executeCrowdServiceMethod(RestExecutor.java:452)
at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.andReceive(RestExecutor.java:341)
at com.atlassian.crowd.integration.rest.service.RestCrowdClient.getCookieConfiguration(RestCrowdClient.java:1033)
at com.atlassian.crowd.integration.http.CrowdHttpAuthenticatorImpl.getCookieTokenKey(CrowdHttpAuthenticatorImpl.java:219)
at com.atlassian.crowd.integration.http.CrowdHttpAuthenticatorImpl.getToken(CrowdHttpAuthenticatorImpl.java:200)
at com.atlassian.crowd.integration.http.CacheAwareCrowdHttpAuthenticator.getToken(CacheAwareCrowdHttpAuthenticator.java:83)
at com.atlassian.crowd.integration.seraph.v25.CrowdAuthenticator.getUser(CrowdAuthenticator.java:345)
at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:138)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)Cause
Bamboo Authenticator for Crowd SSO does not support Crowd property changes at runtime. This is evident through the comment block in seraph-config.xml:
<!-- If you're authenticating against a Crowd server you can use this authenticator for single sign-on.
Enable it after configuring your Crowd properties through user management and restart Bamboo. It does not support
Crowd property changes at runtime. If you need to switch back to local users, revert the change and
restart Bamboo again.
-->
<authenticator class="com.atlassian.crowd.integration.seraph.v25.BambooAuthenticator"/>Resolution
- Restart Bamboo after updating Crowd configuration if SSO is enabled.
There is a ticket requesting Bamboo to warn users about the restart in the UI BAM-15532 - Getting issue details... STATUS
Last modified on Mar 30, 2016
Powered by Confluence and Scroll Viewport.