Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 2.11.4, 3.2.0
-
Component/s: Crowd, LDAP, User Token
-
Labels:None
-
Environment:PRO
-
Story Points:2
-
Sprint:Sprint 88
Description
An error occurred when trying to contact a Crowd server to look up the user ID associated with a user token:
2017-01-17 17:59:19,293-0600 WARN [qtp1976642001-174945] *UNKNOWN com.atlassian.crowd.integration.rest.service.RestExecutor - The following URL does not specify a valid Crowd User Management REST service: https://com.server.com/crowd/rest/usermanagement/1/user?username=USERNAME
2017-01-17 17:59:19,355-0600 WARN [qtp1976642001-174945] *UNKNOWN com.sonatype.nexus.crowd.internal.CrowdUserManager - Unable to look up Crowd user USERNAME due to javax.xml.bind.DataBindingException/javax.xml.bind.UnmarshalException
- with linked exception:
[org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; Premature end of file.]
2017-01-17 17:59:19,355-0600 DEBUG [qtp1976642001-174945] *UNKNOWN com.sonatype.nexus.usertoken.plugin.realm.UserTokenRealm - Removing stale user-token, target principals are no longer valid
2017-01-17 17:59:19,355-0600 DEBUG [qtp1976642001-174945] *UNKNOWN com.sonatype.nexus.usertoken.plugin.internal.UserTokenServiceImpl - Removing record for: USERNAME
2017-01-17 17:59:19,371-0600 TRACE [qtp1976642001-174945] *UNKNOWN org.sonatype.security.internal.UserIdMdcHelper - Set: USERNAME
In response to this Nexus removed the user token.
Expected:
1. Nexus should not remove the token unless the server can be reached, and the user can't be found
2. Nexus should return a 401 if the server can't be reached.
Attachments
Issue Links
- testing discovered
-
NEXUS-9754 External Realm (LDAP, Crowd) cache duration setting
-
- Done
-