Usernames with special characters may be double encoded behind an Apache Proxy with a RewriteRule
Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.
Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.
Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Problem
When working with user names that contain special characters, (such as "@" and "#") you may receive the following message:
User <test%45test.com> does not exist
Cause
Crowd is behind a reverse proxy, and a RewriteRule exists to alter the URL (perhaps to go from http to https) in some form:
RewriteRule ^/?(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
The special characters are being encoded, and being double encoded again by the reverse proxy.
Resolution
Add the NoEncode to the RewriteRule, to ensure that the Rewrite is not being double encoded. The above rule would become:
RewriteRule ^/?(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,NE,L]