JIRA users can't login to Fisheye/Crucible or connecting to JIRA for user management fails
Symptoms
JIRA users can't login to Fisheye/Crucible, and the following appears in the
atlassian-fisheye-<date>.log
:2013-10-30 12:08:16,006 WARN [qtp16943370-186 ] fisheye ReSyncAuthAction-execute - Error synchronising users: com.cenqua.fisheye.user.AuthenticationException: Problem communicating with Crowd at com.cenqua.fisheye.user.crowd.CrowdAuth.listUserNames(CrowdAuth.java:512) at com.cenqua.fisheye.user.DefaultUserManager.synchroniseUsers(DefaultUserManager.java:698) at com.cenqua.fisheye.user.DefaultUserManager.synchroniseUsers(DefaultUserManager.java:673) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) … Caused by: com.atlassian.crowd.exception.ApplicationPermissionException: Forbidden (403) Encountered a "403 - Forbidden" error while loading this page. Go to JIRA home
Or, clicking the "
Next >>"
button while trying to connect to JIRA for user management fails and the following appears in theatlassian-fisheye-<date>.log
:Caused by: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.ApplicationPermissionException: Forbidden (403) Encountered a 403 - Forbidden error while loading this page. JIRA home at com.google.common.cache.CustomConcurrentHashMap$ComputedException.get(CustomConcurrentHashMap.java:3321) at com.google.common.cache.CustomConcurrentHashMap$ComputingValueReference.compute(CustomConcurrentHashMap.java:3441) at com.google.common.cache.CustomConcurrentHashMap$Segment.compute(CustomConcurrentHashMap.java:2322) at com.google.common.cache.CustomConcurrentHashMap$Segment.getOrCompute(CustomConcurrentHashMap.java:2291) at com.google.common.cache.CustomConcurrentHashMap.getOrCompute(CustomConcurrentHashMap.java:3802) at com.google.common.cache.ComputingCache.get(ComputingCache.java:46) at com.cenqua.fisheye.user.crowd.CrowdAuth$9.call(CrowdAuth.java:478) at com.cenqua.fisheye.user.crowd.CrowdAuth$9.call(CrowdAuth.java:475) at com.cenqua.fisheye.user.crowd.CrowdAuth.withTimer(CrowdAuth.java:117) at com.cenqua.fisheye.user.crowd.CrowdAuth.getGroupsForUser(CrowdAuth.java:475) ... 77 more Caused by: com.atlassian.crowd.exception.ApplicationPermissionException: Forbidden (403) Encountered a 403 - Forbidden error while loading this page. JIRA home at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:490) at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.andReceive(RestExecutor.java:344) at com.atlassian.crowd.integration.rest.service.RestCrowdClient.getNamesOfGroupsForNestedUser(RestCrowdClient.java:769) at com.cenqua.fisheye.user.crowd.CrowdAuth$1.load(CrowdAuth.java:85) at com.cenqua.fisheye.user.crowd.CrowdAuth$1.load(CrowdAuth.java:82) at com.google.common.cache.CustomConcurrentHashMap$ComputingValueReference.compute(CustomConcurrentHashMap.java:3426) ... 85 more
Cause
The Fisheye/Crucible server does not have permission to access the JIRA server for user management due to a missing IP address in list of allowed IPs in the JIRA User Server.
Resolution
Add the IP address of the Fisheye/Crucible server in JIRA Administration > Users > JIRA User Server
Note:
The network adapter of the server where Fisheye/Crucible is installed might be preferring IPv6 instead of IPv4 and, in this case, adding the IPv4 to the JIRA User Server won't be enough. There are two possible solutions:
- Add the IPv6 to list of allowed IPs in the JIRA User Server
- Add the option "-Djava.net.preferIPv4Stack=true" (without the quotes) into the FISHEYE_OPTS environment variable and restart the Fisheye/Crucible instance.