com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_ACCESS_DENIED</reason><message>User does not have access to application &lt;FishEye&gt;</message></error>

Atlassian JIRA | Michael Heemskerk | 5 years ago
  1. 0

    If * no 'Groups to synchronise' have been configured and * FishEye is configured to periodically synchronise users from Crowd and * only limited groups have been granted access to FishEye in Crowd the following errors are logged when synchronising: {noformat} 2011-09-27 15:38:10,335 ERROR - Unexpected exception when retrieving token for user 'user.xyz' com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_ACCESS_DENIED</reason><message>User does not have access to application &lt;FishEye&gt;</message></error> at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:414) at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.andReceive(RestExecutor.java:300) at com.atlassian.crowd.integration.rest.service.RestCrowdClient.authenticateSSOUserWithoutValidatingPassword(RestCrowdClient.java:819) at com.cenqua.fisheye.user.crowd.CrowdAuth.canAuthenticate(CrowdAuth.java:278) at com.cenqua.fisheye.user.crowd.CrowdAuth.access$500(CrowdAuth.java:54) at com.cenqua.fisheye.user.crowd.CrowdAuth$3.call(CrowdAuth.java:241) at com.cenqua.fisheye.user.crowd.CrowdAuth$3.call(CrowdAuth.java:235) at com.cenqua.fisheye.user.crowd.CrowdAuth.withTimer(CrowdAuth.java:92) at com.cenqua.fisheye.user.crowd.CrowdAuth.recreateAuth(CrowdAuth.java:235) at com.cenqua.fisheye.user.DefaultUserManager.synchroniseUsers(DefaultUserManager.java:631) at sun.reflect.GeneratedMethodAccessor165.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at com.googlecode.ehcache.annotations.interceptor.EhCacheInterceptor.invokeTriggersRemove(EhCacheInterceptor.java:191) at com.googlecode.ehcache.annotations.interceptor.EhCacheInterceptor.invoke(EhCacheInterceptor.java:90) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) {noformat} The workaround is to configure the 'groups to synchronize' under Administration > Security Settings > Authentication > Jira or Crowd Authentication > Edit > Groups to synchronise

    Atlassian JIRA | 5 years ago | Michael Heemskerk
    com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_ACCESS_DENIED</reason><message>User does not have access to application &lt;FishEye&gt;</message></error>
  2. 0

    If * no 'Groups to synchronise' have been configured and * FishEye is configured to periodically synchronise users from Crowd and * only limited groups have been granted access to FishEye in Crowd the following errors are logged when synchronising: {noformat} 2011-09-27 15:38:10,335 ERROR - Unexpected exception when retrieving token for user 'user.xyz' com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_ACCESS_DENIED</reason><message>User does not have access to application &lt;FishEye&gt;</message></error> at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:414) at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.andReceive(RestExecutor.java:300) at com.atlassian.crowd.integration.rest.service.RestCrowdClient.authenticateSSOUserWithoutValidatingPassword(RestCrowdClient.java:819) at com.cenqua.fisheye.user.crowd.CrowdAuth.canAuthenticate(CrowdAuth.java:278) at com.cenqua.fisheye.user.crowd.CrowdAuth.access$500(CrowdAuth.java:54) at com.cenqua.fisheye.user.crowd.CrowdAuth$3.call(CrowdAuth.java:241) at com.cenqua.fisheye.user.crowd.CrowdAuth$3.call(CrowdAuth.java:235) at com.cenqua.fisheye.user.crowd.CrowdAuth.withTimer(CrowdAuth.java:92) at com.cenqua.fisheye.user.crowd.CrowdAuth.recreateAuth(CrowdAuth.java:235) at com.cenqua.fisheye.user.DefaultUserManager.synchroniseUsers(DefaultUserManager.java:631) at sun.reflect.GeneratedMethodAccessor165.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at com.googlecode.ehcache.annotations.interceptor.EhCacheInterceptor.invokeTriggersRemove(EhCacheInterceptor.java:191) at com.googlecode.ehcache.annotations.interceptor.EhCacheInterceptor.invoke(EhCacheInterceptor.java:90) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) {noformat} The workaround is to configure the 'groups to synchronize' under Administration > Security Settings > Authentication > Jira or Crowd Authentication > Edit > Groups to synchronise

    Atlassian JIRA | 5 years ago | Michael Heemskerk
    com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_ACCESS_DENIED</reason><message>User does not have access to application &lt;FishEye&gt;</message></error>
  3. 0

    Note: this issue may be related to [http://jira.atlassian.com/browse/CONFDEV-2776] but I open a separate issue since the stack is different. - In Jira: Add an LDAP directory and set it as Read-Only - In Jira: Add Confluence as an application. - In Confluence: Add Jira as a crowd server to the list of user directories, set is as Read/Write - In Confluence: Try to add a User *Expected*: Error message to propagate to UI *Actual*: Unhandled exception {code} com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update user 'boss1' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.embedded.core.CrowdServiceImpl.updateUser(CrowdServiceImpl.java:343) caused by: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update user 'boss1' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:414) {code} - In Confluence: Try add a user from LDAP to a group. *Expected*: Error message to propagate to UI *Actual*: {code} com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update group 'jira-developers' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.embedded.core.CrowdServiceImpl.addUserToGroup(CrowdServiceImpl.java:708) caused by: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update group 'jira-developers' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:414) {code}

    Atlassian JIRA | 6 years ago | Federico Silva Armas [Atlassian]
    com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update group 'jira-developers' because directory 'ApacheDS 1' does not allow updates.</message></error>
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Note: this issue may be related to [http://jira.atlassian.com/browse/CONFDEV-2776] but I open a separate issue since the stack is different. - In Jira: Add an LDAP directory and set it as Read-Only - In Jira: Add Confluence as an application. - In Confluence: Add Jira as a crowd server to the list of user directories, set is as Read/Write - In Confluence: Try to add a User *Expected*: Error message to propagate to UI *Actual*: Unhandled exception {code} com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update user 'boss1' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.embedded.core.CrowdServiceImpl.updateUser(CrowdServiceImpl.java:343) caused by: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update user 'boss1' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:414) {code} - In Confluence: Try add a user from LDAP to a group. *Expected*: Error message to propagate to UI *Actual*: {code} com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update group 'jira-developers' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.embedded.core.CrowdServiceImpl.addUserToGroup(CrowdServiceImpl.java:708) caused by: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update group 'jira-developers' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:414) {code}

    Atlassian JIRA | 6 years ago | Federico Silva Armas [Atlassian]
    com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update user 'boss1' because directory 'ApacheDS 1' does not allow updates.</message></error>
  6. 0

    Note: this issue may be related to [http://jira.atlassian.com/browse/CONFDEV-2776] but I open a separate issue since the stack is different. - In Jira: Add an LDAP directory and set it as Read-Only - In Jira: Add Confluence as an application. - In Confluence: Add Jira as a crowd server to the list of user directories, set is as Read/Write - In Confluence: Try to add a User *Expected*: Error message to propagate to UI *Actual*: Unhandled exception {code} com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update user 'boss1' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.embedded.core.CrowdServiceImpl.updateUser(CrowdServiceImpl.java:343) caused by: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update user 'boss1' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:414) {code} - In Confluence: Try add a user from LDAP to a group. *Expected*: Error message to propagate to UI *Actual*: {code} com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update group 'jira-developers' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.embedded.core.CrowdServiceImpl.addUserToGroup(CrowdServiceImpl.java:708) caused by: com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update group 'jira-developers' because directory 'ApacheDS 1' does not allow updates.</message></error> at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:414) {code}

    Atlassian JIRA | 6 years ago | Federico Silva Armas [Atlassian]
    com.atlassian.crowd.exception.ApplicationPermissionException: <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_PERMISSION_DENIED</reason><message>Cannot update user 'boss1' because directory 'ApacheDS 1' does not allow updates.</message></error>

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. com.atlassian.crowd.exception.ApplicationPermissionException

      <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><reason>APPLICATION_ACCESS_DENIED</reason><message>User does not have access to application &lt;FishEye&gt;</message></error>

      at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError()
    2. com.atlassian.crowd
      RestCrowdClient.authenticateSSOUserWithoutValidatingPassword
      1. com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:414)
      2. com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.andReceive(RestExecutor.java:300)
      3. com.atlassian.crowd.integration.rest.service.RestCrowdClient.authenticateSSOUserWithoutValidatingPassword(RestCrowdClient.java:819)
      3 frames
    3. com.cenqua.fisheye
      DefaultUserManager.synchroniseUsers
      1. com.cenqua.fisheye.user.crowd.CrowdAuth.canAuthenticate(CrowdAuth.java:278)
      2. com.cenqua.fisheye.user.crowd.CrowdAuth.access$500(CrowdAuth.java:54)
      3. com.cenqua.fisheye.user.crowd.CrowdAuth$3.call(CrowdAuth.java:241)
      4. com.cenqua.fisheye.user.crowd.CrowdAuth$3.call(CrowdAuth.java:235)
      5. com.cenqua.fisheye.user.crowd.CrowdAuth.withTimer(CrowdAuth.java:92)
      6. com.cenqua.fisheye.user.crowd.CrowdAuth.recreateAuth(CrowdAuth.java:235)
      7. com.cenqua.fisheye.user.DefaultUserManager.synchroniseUsers(DefaultUserManager.java:631)
      7 frames
    4. Java RT
      Method.invoke
      1. sun.reflect.GeneratedMethodAccessor165.invoke(Unknown Source)
      2. sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      3. java.lang.reflect.Method.invoke(Method.java:597)
      3 frames
    5. Spring AOP
      ReflectiveMethodInvocation.proceed
      1. org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
      2. org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
      3. org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
      3 frames
    6. com.googlecode.ehcache
      EhCacheInterceptor.invoke
      1. com.googlecode.ehcache.annotations.interceptor.EhCacheInterceptor.invokeTriggersRemove(EhCacheInterceptor.java:191)
      2. com.googlecode.ehcache.annotations.interceptor.EhCacheInterceptor.invoke(EhCacheInterceptor.java:90)
      2 frames
    7. Spring AOP
      JdkDynamicAopProxy.invoke
      1. org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      2. org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
      2 frames