WebSudo Login Issues With HAProxy

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Problem

Accessing Admin-related functions require a websudo authentication. With HAProxy in front of Confluence (as a load balancer for the Data Center), this becomes a problem if HAProxy is not configured correctly

Diagnosis

Environment

  • This applies only to HAProxy configurations with Confluence

Cause

Indirect flag in the cookie configuration in HAProxy, example:

backend confluence_app
    option httplog
    option forwardfor
    option http-server-close
    option httpchk

    mode        http
    balance     roundrobin
    cookie      JSESSIONID prefix indirect nocache

According to https://cbonte.github.io/haproxy-dconv/configuration-1.5.html :

          Note: it is highly recommended not to use "indirect" with
          "prefix", otherwise server cookie updates would not be sent to
          clients

Resolution

Remove the indirect flag in the cookie configuration in HAProxy, followed by a restart

 

Last modified on May 31, 2016

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.