This documentation relates to an earlier version of FishEye.
View

Unknown macro: {spacejump}

or visit the current documentation home.

This page contains instructions on using SSL with FishEye.

On this page:

1. Obtain an SSL Certificate

An SSL certificate is required in order for SSL to work in FishEye. There are two ways to obtain one:

Self-Signed Certificate

 

Self-signed certificates are useful in cases where you require encryption, but do not need to verify the website's identity. They are commonly used for testing and on internal corporate networks (intranets). If a certificate is not signed by a Certification Authority (CA), users may get prompted that the site is untrusted. They may then have to perform several steps to "accept" the certificate before they can access the site. This usually only occurs the first time the site is accessed.

Please note, the following approach to create the certificate uses Java's keytool, and has been designed for use with Java 1.6. There are other tools for generating certificates such as openSSL, but the examples will be for keytools, unless the functionality required does not exist in keytools.

To obtain a self-signed certificate,

  1. Run the following command to create a new keystore file in the FishEye home directory (if one does not already exist):

    • Windows:

      "%JAVA_HOME%\bin\keytool" -keystore %FISHEYE_HOME%/keystore -alias fisheye -genkey -keyalg RSA

    • Unix/Linux:

      $JAVA_HOME/bin/keytool -keystore $FISHEYE_HOME/keystore -alias fisheye -genkey -keyalg RSA

  2. When the keytool utility prompts you with 'What is your first and last name?', enter the fully qualified hostnameof the server running FishEye/Crucible. Do not enter your first name and last name.

    What is the fully qualified hostname of my server?

    The fully qualified hostname of your server is the name you would type in your web browser, after the http:// section, to access a conventional website. When the client web browser examines the certificate, it checks this field to make sure it matches the hostname. If it does not, the browser may prevent access to the site and will at least generate messages saying that there is a mismatch. An example of a qualified hostname is: support.atlassian.com

  3. When the keytool utility prompts you to enter the keystore password and key password, enter your desired passwords. You must also specify these passwords in the FishEye/Crucible web admin (recommended) or specify these passwords directly in your config.xml in the corresponding attributes (see Configure FishEye/Crucible SSLbelow).

    <web-server context="/crucible" 
      site-url="http://localhost:6060/crucible/">
  <http bind=":6060"/>
  <ssl bind=":6443" keystore="keystore" keystore-password="password123" 
      truststore="keystore" truststore-password="password123"/>
</web-server>
  4. You now have the minimal requirements to run SSL in FishEye. Next, configure FishEye/Crucible to use SSL as described in the Configure FishEye/Crucible SSL section below.

Certificate Authority Certificate

 

Digital Certificates issued by trusted 3rd party Certification Authorities (CAs) provide verification of the identity of your website. Many CAs simply verify the domain name and issue the certificate. Other CAs such as VeriSign also verify the existence of your business, the ownership of your domain name and the authority to whom the certificate application was made, thereby providing a higher standard of identification and authenticity.

A list of CA's can be found here. Some of the most well-known CAs are:

This list is not an endorsement of the given certificate authorities by Atlassian, and is only provided as an example.

To obtain a certificate signed by a CA,

  1. Follow the instructions from the certificate authority you want your certificate signed by. Most CAs have their own instructions for you to follow, e.g. GoDaddy and VeriSign.
  2. If your CA requires a certificate signing request (CSR), use the following command:

    • Windows:

      "%JAVA_HOME%\bin\keytool" -certreq -alias fisheye -keystore %FISHEYE_HOME%\keystore -file %FISHEYE_HOME%\fisheye.csr

    • Unix/Linux:

      $JAVA_HOME/bin/keytool -certreq -alias fisheye -keystore $FISHEYE_HOME/keystore -file $FISHEYE_HOME/fisheye.csr
  3. Ensure that the keystore being used to generate the signing request contains an existing key/cert keypair. If you don't already have a key/cert keypair, follow the steps in Self Signed Certificates to generate a keypair.

  4. If the certificate your receive from the CA is not in a format that keytool understands then the openssl command can be used to convert formats since keytool does not perform any of these conversions. For example, to convert between DER and PEM formats:

    openssl x509 -in certificate.der 
         -inform DER -outform PEM -out certificate.crt

    If you have a key and a certificate in separate files you will need to combine them into a PKCS12 format file for loading into a new keystore.  See these instructions for information on how to do so.

  5. Load the certificate into the keystore, as follows:
    • CA certificate in PEM format:

      • Windows:

        "%JAVA_HOME%\bin\keytool" -keystore %FISHEYE_HOME%\keystore 
         -import -alias fisheye -file %FISHEYE_HOME%\certificate.crt 
         -trustcacerts

      • Unix/Linux:

        $JAVA_HOME/bin/keytool -keystore $FISHEYE_HOME\keystore 
         -import -alias fisheye -file $FISHEYE_HOME/certificate.crt 
         -trustcacerts
    • CA certificate in PKCS12 format:

      • Windows:

        %JAVA_HOME%\bin\keytool -importkeystore 
         -srckeystore %FISHEYE_HOME%\certificate.pkcs12 
         -srcstoretype PKCS12 -destkeystore %FISHEYE_HOME\keystore

      • Unix/Linux:

        $JAVA_HOME/bin/keytool -importkeystore 
         -srckeystore $FISHEYE_HOME/certificate.pkcs12 
         -srcstoretype PKCS12 -destkeystore $FISHEYE_HOME/keystore
  6. You will now have a keystore file with your certificate in it. Next, configure FishEye/Crucible to use SSL as described in the Configure FishEye/Crucible SSL section below.

2. Configure FishEye SSL

FishEye requires additional configuration in order to use SSL. This configuration can be done from the web admin as described below (recommended), or added directly into your config.xml. Setting the bind address and the keystore and password field, as described below, will enable SSL in FishEye. You will need to restart your server after updating the settings, for the changes to take effect.

To configure FishEye to use SSL,

  1. Navigate to the FishEye web admin and click 'Server' under the 'Global Settings' section. The 'Server Settings' page will be displayed (see 'Server Settings' screenshot below).
  2. Click the 'Edit Settings' link in the 'Web Server' section. The settings will refresh as editable.

  3. Update the following fields (see 'Example SSL Settings' screenshot below):

    Field

    Description

    Example value

    SSL Bind Address

    The SSL port. Most browsers default to 443 as the SSL port for the https protocol.

    443

    SSL Keystore

    Path to the keystore file (as generated in the steps above). This path can be a relative path - e.g., putting in keystore will mean that the file is in FISHEYE_HOME/keystore

    keystore

    SSL Keystore Password

    The password you used in the above step when creating the keystore file. If you did not set a password, leave this empty. See the passwords section

     

    SSL Truststore

    Optional setting. Path to the truststore file. May be the same as the keystore. Truststore is a list of trusted CAs. Format is the same as the keystore entry.

     

    SSL Truststore Password

    Optional setting. The password you used in the above step when creating the truststore file. If you did not set a password, leave this empty. See the passwords section

     

  4. Restart your server.

Screenshots: Fisheye Server Settings (click to view larger images)

1. Server Settings
2. Example SSL Settings

  • No labels

11 Comments

  1. Anonymous

    Feb 22, 2011

    On manual configuration, if I don't provide trustkeystore path and password, the application throws a NPE.

    1. Felix Petriconi

      Aug 29, 2011

      I made the same experience. Without a provided truststore I get the following dump:

      ERROR: problem running command
java.lang.reflect.InvocationTargetException
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at com.cenqua.fisheye.FishEyeCtl.mainImpl(FishEyeCtl.java:114)
 at com.cenqua.fisheye.FishEyeCtl.main(FishEyeCtl.java:42)
Caused by: java.lang.NullPointerException
 at java.io.File.<init>(File.java:222)
 at com.cenqua.fisheye.web.WebServer.getStorePath(WebServer.java:183)
 at com.cenqua.fisheye.web.WebServer.addSSLListener(WebServer.java:153)
 at com.cenqua.fisheye.web.WebServer.<init>(WebServer.java:89)
 at com.cenqua.fisheye.web.WebServer.<init>(WebServer.java:60)
 at com.cenqua.fisheye.ctl.Run.mainImpl(Run.java:194)
 at com.cenqua.fisheye.ctl.Run.main(Run.java:76)
 ... 6 more 

  2. Dave Hergert

    Oct 20, 2011

    What if your keystore contains more than one certificate? Does it look for a certificate with the alias "fisheye" or is there a way to specify which keyAlias gets used?

  3. Dave Hergert

    Jan 09, 2012

    How do you force SSL? I have SSL enabled and its working fine, but people that have the old "http" URL can still access the application insecurely.  Is there a way to configure FishEye to always redirect to SSL?

    This wouldn't normally be an issue except when you access the application over non-SSL and then try to add files to a Crucible review, it hangs due to a conflict between http/https requests.

    1. Marcin Cabaj

      Jan 26, 2012

      Hi David, you can do simply rewrite by apache, eg:

      NameVirtualHost *:80

<VirtualHost *:80>
ServerName crucible.yourcompany.com

RewriteEngine on
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
</VirtualHost>

      cheers

       

      1. Dave Hergert

        Jan 26, 2012

        Marcin - I agree that can be done in Apache very easily and we actually had FECRU running behind Apache at one point but this new feature to allow FECRU to support SSL natively allows us to not have to need Apache anymore, simplifying our infrastructure.  But I would think there should be a way to force users, especially when the application breaks when you have SSL turned on and the front-end URL is https and someone accesses it via http.  I created  FE-3920 - Getting issue details... STATUS  to track the request.

      2. Anonymous

        Jan 26, 2012

        <VirtualHost *:80>
            Redirect / https://domain.com
        </VirtualHost>

  4. Anonymous

    Apr 20, 2012

    I get the following error when trying to login to the SSL site.

    ERROR - /login
    java.lang.IllegalArgumentException: :///
            at org.mortbay.jetty.HttpURI.parse2(HttpURI.java:166)
            at org.mortbay.jetty.HttpURI.parse(HttpURI.java:109)
            at org.mortbay.jetty.HttpURI.<init>(HttpURI.java:91)
            at org.mortbay.jetty.Response.sendRedirect(Response.java:406)
            at javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:136)
            at org.mortbay.servlet.GzipFilter$GZIPResponseWrapper.sendRedirect(GzipFilter.java:331)
            at javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:136)
            at com.cenqua.fisheye.web.LoginServlet.doLogin(LoginServlet.java:83)
            at com.cenqua.fisheye.web.LoginServlet.doGet(LoginServlet.java:57)
            at com.cenqua.fisheye.web.LoginServlet.doPost(LoginServlet.java:49)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
            at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1272)
            at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
            at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66)
            at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:25)
            at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74)
            at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:42)
            at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
            at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
            at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
            at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:83)
            at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at com.atlassian.crucible.filters.CrucibleFilter.doFilter(CrucibleFilter.java:146)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at com.cenqua.fisheye.web.filters.TotalityFilter.doFilter(TotalityFilter.java:278)
            at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
            at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:98)
            at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
            at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
            at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66)
            at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:71)
            at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74)
            at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:42)
            at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
            at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at org.mortbay.servlet.UserAgentFilter.doFilter(UserAgentFilter.java:78)
            at org.mortbay.servlet.GzipFilter.doFilter(GzipFilter.java:131)
            at com.cenqua.fisheye.web.filters.CustomIncludableGzipFilter.doFilter(CustomIncludableGzipFilter.java:27)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at com.cenqua.fisheye.web.filters.ProductInfoFilter.doFilter(ProductInfoFilter.java:44)
            at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
            at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
            at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
            at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at com.cenqua.fisheye.web.filters.UpfrontFilter.doFilter(UpfrontFilter.java:54)
            at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
            at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at com.atlassian.fecru.profiling.ProfilingServletFilter.doFilter(ProfilingServletFilter.java:73)
            at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
            at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
            at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
            at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:399)
            at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
            at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
            at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
            at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:450)
            at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
            at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
            at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
            at org.mortbay.jetty.Server.handle(Server.java:326)
            at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
            at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:945)
            at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:756)
            at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
            at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
            at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
            at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:713)
            at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:451)

    1. Adam Bailey

      Jun 07, 2012

      I get this as well. If I browse to https and try to login I get:

      Your request was unable to be processed

      java.lang.IllegalArgumentException - :///

      The debug log prepends the above detail with:

      fisheye.app TotalityFilter-logExceptionDetails - Exception ":///"

      But if I browse to http and login, then I am able to navigate to https and the site works.

      By the way I am running release CR2.7.11 (20120227023831 2012-02-27)

      The problem only seems to occur when trying to login or access the administrative panel.

      I had disabled the http binding and configured the site for SSL and if I was logged in already, I could go through Dashboard/Projects/etc. But if someone tried to login or I tried to reach the admin (over SSL), the site would fail with the above error.

      If I try to reach the admin over SSL I get:

      ERROR [btpool0-3 ] org.mortbay.log org.mortbay.log.Slf4jLog-warn - EXCEPTION
      java.lang.IllegalArgumentException: :///admin/admin.do
          at org.mortbay.jetty.HttpURI.parse2(HttpURI.java:166)
          at org.mortbay.jetty.HttpURI.parse(HttpURI.java:109)
          at org.mortbay.jetty.HttpURI.<init>(HttpURI.java:91)
          at org.mortbay.jetty.Response.sendRedirect(Response.java:406)
          at javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:136)
          at org.mortbay.servlet.GzipFilter$GZIPResponseWrapper.sendRedirect(GzipFilter.java:331)
          at javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:136)
          at javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:136)
          at com.opensymphony.module.sitemesh.filter.PageResponseWrapper.sendRedirect(PageResponseWrapper.java:181)
          at javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:136)
          at org.apache.taglibs.standard.tag.common.core.RedirectSupport.doEndTag(RedirectSupport.java:148)
          at org.apache.jsp.admin.index_jsp._jspx_meth_c_redirect_0(index_jsp.java:80)
          at org.apache.jsp.admin.index_jsp._jspService(index_jsp.java:55)
          at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:109)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
          at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1272)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
          at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66)
          at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:25)
          at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:42)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:70)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.crucible.filters.CrucibleFilter.doFilter(CrucibleFilter.java:146)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.cenqua.fisheye.web.filters.TotalityFilter.doFilter(TotalityFilter.java:278)
          at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
          at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:98)
          at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
          at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
          at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66)
          at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:71)
          at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:42)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:399)
          at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
          at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
          at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
          at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:450)
          at org.mortbay.jetty.servlet.Dispatcher.forward(Dispatcher.java:327)
          at org.mortbay.jetty.servlet.Dispatcher.forward(Dispatcher.java:126)
          at org.mortbay.jetty.servlet.DefaultServlet.doGet(DefaultServlet.java:503)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
          at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1272)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
          at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66)
          at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:25)
          at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:42)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)
          at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:54)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:83)
          at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.crucible.filters.CrucibleFilter.doFilter(CrucibleFilter.java:146)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.cenqua.fisheye.web.filters.TotalityFilter.doFilter(TotalityFilter.java:278)
          at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
          at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:98)
          at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
          at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
          at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66)
          at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:71)
          at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:42)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at org.mortbay.servlet.UserAgentFilter.doFilter(UserAgentFilter.java:78)
          at org.mortbay.servlet.GzipFilter.doFilter(GzipFilter.java:131)
          at com.cenqua.fisheye.web.filters.CustomIncludableGzipFilter.doFilter(CustomIncludableGzipFilter.java:27)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.cenqua.fisheye.web.filters.ProductInfoFilter.doFilter(ProductInfoFilter.java:44)
          at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
          at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:77)
          at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:63)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.cenqua.fisheye.web.filters.UpfrontFilter.doFilter(UpfrontFilter.java:54)
          at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
          at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at com.atlassian.fecru.profiling.ProfilingServletFilter.doFilter(ProfilingServletFilter.java:73)
          at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
          at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
          at org.mortbay.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1264)
          at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:399)
          at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
          at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
          at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:766)
          at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:450)
          at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
          at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
          at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
          at org.mortbay.jetty.Server.handle(Server.java:326)
          at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
          at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:928)
          at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:549)
          at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
          at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
          at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
          at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:713)
          at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:451)

    2. Adam Bailey

      Jun 13, 2012

      I was able to solve this problem locally by making sure the site-url specified in the Server Settings was formatted as: http(s)://<domain>:<port> and NO trailing slash! We had a trailing slash in ours and that broke SSL based logins.

      1. Daniel R

        Jun 14, 2012

        Hello Adam,

        Thanks for posting your question and solution. Our example on this page doesn't include the trailing slash but I can definitely add that to the notes.

        Daniel



Log a request with our support team.



Raise an issue for our developers.



See answers from the community.



Blog and update our documentation.

 Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 2.5 Australia License.