com.atlassian.stash.user.AuthenticationSystemException: The CAPTCHA service found itself in an awkward situation

Atlassian JIRA | Deric Lee | 2 years ago
  1. 0

    After several failed login attempts, CAPTCHA will be will show. After filling up the CAPTCHA, regardless whether it was correct or incorrect, the following message is shown: "The CAPTCHA service found itself in an awkward situation" The logs shows this {noformat}2014-08-04 22:24:51,367 WARN [http-bio-7990-exec-3] @12FBVTTx1344x84x0 1fjqwkn 0:0:0:0:0:0:0:1 "POST /j_stash_security_check HTTP/1.1" c.a.s.i.s.s.PluginAuthenticationProvider Could not authenticate admin; authentication by com.atlassian.stash.stash-auth-crowd-sso:crowdSsoAuthHandler failed com.atlassian.stash.user.AuthenticationSystemException: The CAPTCHA service found itself in an awkward situation at com.atlassian.stash.internal.auth.DefaultCaptchaService.isCaptchaValid(DefaultCaptchaService.java:219) ~[stash-service-impl-3.2.0.jar:na] at com.atlassian.stash.internal.auth.DefaultCaptchaService.checkCaptcha(DefaultCaptchaService.java:97) ~[stash-service-impl-3.2.0.jar:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.attemptAuthentication(PluginAuthenticationProvider.java:109) [PluginAuthenticationProvider.class:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.authenticate(PluginAuthenticationProvider.java:59) [PluginAuthenticationProvider.class:na] at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:100) [StashAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:111) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:77) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100) [atlassian-trusted-apps-core-3.0.6.jar:na] at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69) [atlassian-oauth-service-provider-plugin-1.9.2_1406589600000.jar:na] at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:33) [analytics-client-3.35_1406589604000.jar:na] at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31) [atlassian-core-4.6.15.jar:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:89) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:84) [stash-service-impl-3.2.0.jar:na] at com.hazelcast.web.WebFilter.doFilter(WebFilter.java:446) [hazelcast-wm-3.3-RC2.jar:3.3-RC2] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_65] at java.lang.Thread.run(Thread.java:745) [na:1.7.0_65] ... 143 frames trimmed{noformat}

    Atlassian JIRA | 2 years ago | Deric Lee [Atlassian]
    com.atlassian.stash.user.AuthenticationSystemException: The CAPTCHA service found itself in an awkward situation
  2. 0

    After several failed login attempts, CAPTCHA will be will show. After filling up the CAPTCHA, regardless whether it was correct or incorrect, the following message is shown: "The CAPTCHA service found itself in an awkward situation" The logs shows this {noformat}2014-08-04 22:24:51,367 WARN [http-bio-7990-exec-3] @12FBVTTx1344x84x0 1fjqwkn 0:0:0:0:0:0:0:1 "POST /j_stash_security_check HTTP/1.1" c.a.s.i.s.s.PluginAuthenticationProvider Could not authenticate admin; authentication by com.atlassian.stash.stash-auth-crowd-sso:crowdSsoAuthHandler failed com.atlassian.stash.user.AuthenticationSystemException: The CAPTCHA service found itself in an awkward situation at com.atlassian.stash.internal.auth.DefaultCaptchaService.isCaptchaValid(DefaultCaptchaService.java:219) ~[stash-service-impl-3.2.0.jar:na] at com.atlassian.stash.internal.auth.DefaultCaptchaService.checkCaptcha(DefaultCaptchaService.java:97) ~[stash-service-impl-3.2.0.jar:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.attemptAuthentication(PluginAuthenticationProvider.java:109) [PluginAuthenticationProvider.class:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.authenticate(PluginAuthenticationProvider.java:59) [PluginAuthenticationProvider.class:na] at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:100) [StashAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:111) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:77) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100) [atlassian-trusted-apps-core-3.0.6.jar:na] at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69) [atlassian-oauth-service-provider-plugin-1.9.2_1406589600000.jar:na] at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:33) [analytics-client-3.35_1406589604000.jar:na] at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31) [atlassian-core-4.6.15.jar:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:89) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:84) [stash-service-impl-3.2.0.jar:na] at com.hazelcast.web.WebFilter.doFilter(WebFilter.java:446) [hazelcast-wm-3.3-RC2.jar:3.3-RC2] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_65] at java.lang.Thread.run(Thread.java:745) [na:1.7.0_65] ... 143 frames trimmed{noformat}

    Atlassian JIRA | 2 years ago | Deric Lee
    com.atlassian.stash.user.AuthenticationSystemException: The CAPTCHA service found itself in an awkward situation
  3. 0

    h2. Problem statement If your User Directory is behind a reverse proxy, Stash might fail with the following exceptions: {noformat:title=example 1} 2014-10-24 22:18:39,154 ERROR [http-nio-8443-exec-10] superadmin @1VRW1K7x1338x222x0 1e52nv5 127.0.0.1 "POST /plugins/servlet/embedded-crowd/configure/crowd/ HTTP/1.1" c.a.c.e.a.ConfigurationController Configuration test failed for user directory: [ KP Crowd Server], type: [ CROWD ] com.atlassian.crowd.exception.runtime.OperationFailedException: The following URL does not specify a valid Crowd User Management REST service: https://<reverse_proxy_address>/crowd/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user at com.atlassian.crowd.embedded.core.CrowdDirectoryServiceImpl.testConnection(CrowdDirectoryServiceImpl.java:78) ~[CrowdDirectoryServiceImpl.class:na] at com.atlassian.stash.internal.crowd.CustomizedCrowdDirectoryService.testConnection(CustomizedCrowdDirectoryService.java:43) ~[CustomizedCrowdDirectoryService.class:na] at com.atlassian.crowd.embedded.admin.ConfigurationController.onSubmit(ConfigurationController.java:95) ~[embedded-crowd-admin-plugin-1.8-m2_1413897170000.jar:na] at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:25) [applinks-plugin-4.3.0_1413897172000.jar:na] at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:86) [StashAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:111) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:77) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100) [TrustedApplicationsFilter.class:na] at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69) [atlassian-oauth-service-provider-plugin-1.9.2_1413897172000.jar:na] at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:33) [analytics-client-3.48_1413897174000.jar:na] at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31) [AbstractHttpFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:89) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:85) [DefaultRequestManager.class:na] at com.hazelcast.web.WebFilter.doFilter(WebFilter.java:463) [WebFilter.class:3.3.2-atlassian-3] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_25] at java.lang.Thread.run(Thread.java:745) [na:1.8.0_25] ... 226 frames trimmed Caused by: com.atlassian.crowd.exception.InvalidCrowdServiceException: The following URL does not specify a valid Crowd User Management REST service: https://<reverse_proxy_address>/crowd/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.executeCrowdServiceMethod(RestExecutor.java:628) ~[RestExecutor$MethodExecutor.class:na] at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.andReceive(RestExecutor.java:464) ~[RestExecutor$MethodExecutor.class:na] at com.atlassian.crowd.integration.rest.service.RestCrowdClient.searchUsers(RestCrowdClient.java:553) ~[RestCrowdClient.class:na] at com.atlassian.crowd.integration.rest.service.RestCrowdClient.testConnection(RestCrowdClient.java:541) ~[RestCrowdClient.class:na] at com.atlassian.crowd.directory.RemoteCrowdDirectory.testConnection(RemoteCrowdDirectory.java:830) ~[RemoteCrowdDirectory.class:na] at com.atlassian.crowd.embedded.core.CrowdDirectoryServiceImpl.testConnection(CrowdDirectoryServiceImpl.java:69) ~[CrowdDirectoryServiceImpl.class:na] ... 17 common frames omitted {noformat} {noformat:title=example 2} 2014-11-13 11:00:47,638 WARN [http-nio-7990-exec-7] @P1PMTOx660x10717x0 10.0.3.88,10.0.0.123 "GET /rest/api/1.0/users/usert@somain.com/repos HTTP/1.1" c.a.s.i.s.s.PluginAuthenticationProvider Could not authenticate user@domain.com; authentication by com.atlassian.stash.stash-authentication:crowdHttpAuthHandler failed com.atlassian.stash.user.AuthenticationSystemException: The remote authentication server is not available. Please try again later. at com.atlassian.stash.internal.crowd.RiotPolice.authenticate(RiotPolice.java:113) ~[RiotPolice.class:na] at com.atlassian.stash.internal.user.DefaultUserService.authenticate(DefaultUserService.java:94) ~[DefaultUserService.class:na] at com.atlassian.stash.internal.auth.EmbeddedCrowdHttpAuthenticationHandler.authenticate(EmbeddedCrowdHttpAuthenticationHandler.java:40) ~[EmbeddedCrowdHttpAuthenticationHandler.class:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider$1.perform(PluginAuthenticationProvider.java:96) ~[PluginAuthenticationProvider$1.class:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider$1.perform(PluginAuthenticationProvider.java:93) ~[PluginAuthenticationProvider$1.class:na] at com.atlassian.stash.internal.auth.DefaultCaptchaService.authenticateWithCaptcha(DefaultCaptchaService.java:71) ~[DefaultCaptchaService.class:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.attemptAuthentication(PluginAuthenticationProvider.java:113) [PluginAuthenticationProvider.class:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.authenticate(PluginAuthenticationProvider.java:60) [PluginAuthenticationProvider.class:na] at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:100) [StashAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:111) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:77) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100) [TrustedApplicationsFilter.class:na] at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69) [atlassian-oauth-service-provider-plugin-1.9.2_1415217634000.jar:na] at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100) [TrustedApplicationsFilter.class:na] at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69) [atlassian-oauth-service-provider-plugin-1.9.2_1415217634000.jar:na] at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:32) [analytics-client-3.53_1414682400000.jar:na] at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) [analytics-client-3.53_1414682400000.jar:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:89) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:85) [DefaultRequestManager.class:na] at com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:35) [ConfigurableWebFilter.class:na] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_60] at java.lang.Thread.run(Thread.java:745) [na:1.7.0_60] ... 226 frames trimmed Caused by: com.atlassian.crowd.exception.runtime.OperationFailedException: null at com.atlassian.crowd.embedded.core.CrowdServiceImpl.convertOperationFailedException(CrowdServiceImpl.java:915) ~[CrowdServiceImpl.class:na] at com.atlassian.crowd.embedded.core.CrowdServiceImpl.authenticate(CrowdServiceImpl.java:80) ~[CrowdServiceImpl.class:na] at com.atlassian.stash.internal.crowd.RiotPolice.authenticate(RiotPolice.java:98) ~[RiotPolice.class:na] ... 23 common frames omitted Caused by: java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:196) ~[na:1.7.0_60] at java.net.SocketInputStream.read(SocketInputStream.java:122) ~[na:1.7.0_60] at sun.security.ssl.InputRecord.readFully(InputRecord.java:442) ~[na:1.7.0_60] at sun.security.ssl.InputRecord.read(InputRecord.java:480) ~[na:1.7.0_60] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) ~[na:1.7.0_60] at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:884) ~[na:1.7.0_60] at sun.security.ssl.AppInputStream.read(AppInputStream.java:102) ~[na:1.7.0_60] at org.apache.http.impl.io.SessionInputBufferImpl.streamRead(SessionInputBufferImpl.java:136) ~[SessionInputBufferImpl.class:4.3.2] at org.apache.http.impl.io.SessionInputBufferImpl.fillBuffer(SessionInputBufferImpl.java:152) ~[SessionInputBufferImpl.class:4.3.2] at org.apache.http.impl.io.SessionInputBufferImpl.readLine(SessionInputBufferImpl.java:270) ~[SessionInputBufferImpl.class:4.3.2] at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:140) ~[DefaultHttpResponseParser.class:4.3.5] at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:57) ~[DefaultHttpResponseParser.class:4.3.5] at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:260) ~[AbstractMessageParser.class:4.3.2] at org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:161) ~[DefaultBHttpClientConnection.class:4.3.2] at org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:153) ~[CPoolProxy.class:4.3.5] at org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:271) ~[HttpRequestExecutor.class:4.3.2] at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123) ~[HttpRequestExecutor.class:4.3.2] at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:254) ~[MainClientExec.class:4.3.5] at org.apache.http.impl.client.cache.CachingExec.callBackend(CachingExec.java:575) ~[CachingExec.class:4.3.5] at org.apache.http.impl.client.cache.CachingExec.execute(CachingExec.java:256) ~[CachingExec.class:4.3.5] at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:195) ~[ProtocolExec.class:4.3.5] at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:86) ~[RetryExec.class:4.3.5] at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108) ~[RedirectExec.class:4.3.5] at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) ~[InternalHttpClient.class:4.3.5] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) ~[CloseableHttpClient.class:4.3.5] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57) ~[CloseableHttpClient.class:4.3.5] at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.rewriteAndExecute(RestExecutor.java:607) ~[RestExecutor$MethodExecutor.class:na] at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.executeCrowdServiceMethod(RestExecutor.java:622) ~[RestExecutor$MethodExecutor.class:na] at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.andReceive(RestExecutor.java:464) ~[RestExecutor$MethodExecutor.class:na] at com.atlassian.crowd.integration.rest.service.RestCrowdClient.authenticateUser(RestCrowdClient.java:139) ~[RestCrowdClient.class:na] at com.atlassian.crowd.directory.RemoteCrowdDirectory.authenticate(RemoteCrowdDirectory.java:194) ~[RemoteCrowdDirectory.class:na] at com.atlassian.crowd.directory.DbCachingRemoteDirectory.authenticateAndUpdateInternalUser(DbCachingRemoteDirectory.java:295) ~[DbCachingRemoteDirectory.class:na] at com.atlassian.crowd.directory.DbCachingRemoteDirectory.authenticate(DbCachingRemoteDirectory.java:200) ~[DbCachingRemoteDirectory.class:na] at com.atlassian.crowd.manager.directory.DirectoryManagerGeneric.authenticateUser(DirectoryManagerGeneric.java:283) ~[DirectoryManagerGeneric.class:na] at com.atlassian.stash.internal.crowd.CustomizedDirectoryManager.authenticateUser(CustomizedDirectoryManager.java:53) ~[CustomizedDirectoryManager.class:na] at com.atlassian.crowd.manager.application.ApplicationServiceGeneric.authenticateUser(ApplicationServiceGeneric.java:196) ~[ApplicationServiceGeneric.class:na] at com.atlassian.stash.internal.crowd.CustomizedApplicationService.authenticateUser(CustomizedApplicationService.java:44) ~[CustomizedApplicationService.class:na] at com.atlassian.crowd.embedded.core.CrowdServiceImpl.authenticate(CrowdServiceImpl.java:68) ~[CrowdServiceImpl.class:na] ... 24 common frames omitted {noformat} h2. Workaround The workaround is to bypass the reverse proxy by setting up Stash to talk directly to your User Directory URL.

    Atlassian JIRA | 2 years ago | Thiago Bomfim [Atlassian]
    com.atlassian.stash.user.AuthenticationSystemException: The remote authentication server is not available. Please try again later.
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    h2. Problem statement If your User Directory is behind a reverse proxy, Stash might fail with the following exceptions: {noformat:title=example 1} 2014-10-24 22:18:39,154 ERROR [http-nio-8443-exec-10] superadmin @1VRW1K7x1338x222x0 1e52nv5 127.0.0.1 "POST /plugins/servlet/embedded-crowd/configure/crowd/ HTTP/1.1" c.a.c.e.a.ConfigurationController Configuration test failed for user directory: [ KP Crowd Server], type: [ CROWD ] com.atlassian.crowd.exception.runtime.OperationFailedException: The following URL does not specify a valid Crowd User Management REST service: https://<reverse_proxy_address>/crowd/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user at com.atlassian.crowd.embedded.core.CrowdDirectoryServiceImpl.testConnection(CrowdDirectoryServiceImpl.java:78) ~[CrowdDirectoryServiceImpl.class:na] at com.atlassian.stash.internal.crowd.CustomizedCrowdDirectoryService.testConnection(CustomizedCrowdDirectoryService.java:43) ~[CustomizedCrowdDirectoryService.class:na] at com.atlassian.crowd.embedded.admin.ConfigurationController.onSubmit(ConfigurationController.java:95) ~[embedded-crowd-admin-plugin-1.8-m2_1413897170000.jar:na] at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:25) [applinks-plugin-4.3.0_1413897172000.jar:na] at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:86) [StashAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:111) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:77) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100) [TrustedApplicationsFilter.class:na] at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69) [atlassian-oauth-service-provider-plugin-1.9.2_1413897172000.jar:na] at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:33) [analytics-client-3.48_1413897174000.jar:na] at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31) [AbstractHttpFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:89) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:85) [DefaultRequestManager.class:na] at com.hazelcast.web.WebFilter.doFilter(WebFilter.java:463) [WebFilter.class:3.3.2-atlassian-3] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_25] at java.lang.Thread.run(Thread.java:745) [na:1.8.0_25] ... 226 frames trimmed Caused by: com.atlassian.crowd.exception.InvalidCrowdServiceException: The following URL does not specify a valid Crowd User Management REST service: https://<reverse_proxy_address>/crowd/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.executeCrowdServiceMethod(RestExecutor.java:628) ~[RestExecutor$MethodExecutor.class:na] at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.andReceive(RestExecutor.java:464) ~[RestExecutor$MethodExecutor.class:na] at com.atlassian.crowd.integration.rest.service.RestCrowdClient.searchUsers(RestCrowdClient.java:553) ~[RestCrowdClient.class:na] at com.atlassian.crowd.integration.rest.service.RestCrowdClient.testConnection(RestCrowdClient.java:541) ~[RestCrowdClient.class:na] at com.atlassian.crowd.directory.RemoteCrowdDirectory.testConnection(RemoteCrowdDirectory.java:830) ~[RemoteCrowdDirectory.class:na] at com.atlassian.crowd.embedded.core.CrowdDirectoryServiceImpl.testConnection(CrowdDirectoryServiceImpl.java:69) ~[CrowdDirectoryServiceImpl.class:na] ... 17 common frames omitted {noformat} {noformat:title=example 2} 2014-11-13 11:00:47,638 WARN [http-nio-7990-exec-7] @P1PMTOx660x10717x0 10.0.3.88,10.0.0.123 "GET /rest/api/1.0/users/usert@somain.com/repos HTTP/1.1" c.a.s.i.s.s.PluginAuthenticationProvider Could not authenticate user@domain.com; authentication by com.atlassian.stash.stash-authentication:crowdHttpAuthHandler failed com.atlassian.stash.user.AuthenticationSystemException: The remote authentication server is not available. Please try again later. at com.atlassian.stash.internal.crowd.RiotPolice.authenticate(RiotPolice.java:113) ~[RiotPolice.class:na] at com.atlassian.stash.internal.user.DefaultUserService.authenticate(DefaultUserService.java:94) ~[DefaultUserService.class:na] at com.atlassian.stash.internal.auth.EmbeddedCrowdHttpAuthenticationHandler.authenticate(EmbeddedCrowdHttpAuthenticationHandler.java:40) ~[EmbeddedCrowdHttpAuthenticationHandler.class:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider$1.perform(PluginAuthenticationProvider.java:96) ~[PluginAuthenticationProvider$1.class:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider$1.perform(PluginAuthenticationProvider.java:93) ~[PluginAuthenticationProvider$1.class:na] at com.atlassian.stash.internal.auth.DefaultCaptchaService.authenticateWithCaptcha(DefaultCaptchaService.java:71) ~[DefaultCaptchaService.class:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.attemptAuthentication(PluginAuthenticationProvider.java:113) [PluginAuthenticationProvider.class:na] at com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.authenticate(PluginAuthenticationProvider.java:60) [PluginAuthenticationProvider.class:na] at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:100) [StashAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:111) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:77) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100) [TrustedApplicationsFilter.class:na] at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69) [atlassian-oauth-service-provider-plugin-1.9.2_1415217634000.jar:na] at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100) [TrustedApplicationsFilter.class:na] at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69) [atlassian-oauth-service-provider-plugin-1.9.2_1415217634000.jar:na] at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:32) [analytics-client-3.53_1414682400000.jar:na] at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) [analytics-client-3.53_1414682400000.jar:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:89) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [BeforeLoginPluginAuthenticationFilter.class:na] at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:85) [DefaultRequestManager.class:na] at com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:35) [ConfigurableWebFilter.class:na] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_60] at java.lang.Thread.run(Thread.java:745) [na:1.7.0_60] ... 226 frames trimmed Caused by: com.atlassian.crowd.exception.runtime.OperationFailedException: null at com.atlassian.crowd.embedded.core.CrowdServiceImpl.convertOperationFailedException(CrowdServiceImpl.java:915) ~[CrowdServiceImpl.class:na] at com.atlassian.crowd.embedded.core.CrowdServiceImpl.authenticate(CrowdServiceImpl.java:80) ~[CrowdServiceImpl.class:na] at com.atlassian.stash.internal.crowd.RiotPolice.authenticate(RiotPolice.java:98) ~[RiotPolice.class:na] ... 23 common frames omitted Caused by: java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:196) ~[na:1.7.0_60] at java.net.SocketInputStream.read(SocketInputStream.java:122) ~[na:1.7.0_60] at sun.security.ssl.InputRecord.readFully(InputRecord.java:442) ~[na:1.7.0_60] at sun.security.ssl.InputRecord.read(InputRecord.java:480) ~[na:1.7.0_60] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) ~[na:1.7.0_60] at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:884) ~[na:1.7.0_60] at sun.security.ssl.AppInputStream.read(AppInputStream.java:102) ~[na:1.7.0_60] at org.apache.http.impl.io.SessionInputBufferImpl.streamRead(SessionInputBufferImpl.java:136) ~[SessionInputBufferImpl.class:4.3.2] at org.apache.http.impl.io.SessionInputBufferImpl.fillBuffer(SessionInputBufferImpl.java:152) ~[SessionInputBufferImpl.class:4.3.2] at org.apache.http.impl.io.SessionInputBufferImpl.readLine(SessionInputBufferImpl.java:270) ~[SessionInputBufferImpl.class:4.3.2] at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:140) ~[DefaultHttpResponseParser.class:4.3.5] at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:57) ~[DefaultHttpResponseParser.class:4.3.5] at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:260) ~[AbstractMessageParser.class:4.3.2] at org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:161) ~[DefaultBHttpClientConnection.class:4.3.2] at org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:153) ~[CPoolProxy.class:4.3.5] at org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:271) ~[HttpRequestExecutor.class:4.3.2] at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123) ~[HttpRequestExecutor.class:4.3.2] at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:254) ~[MainClientExec.class:4.3.5] at org.apache.http.impl.client.cache.CachingExec.callBackend(CachingExec.java:575) ~[CachingExec.class:4.3.5] at org.apache.http.impl.client.cache.CachingExec.execute(CachingExec.java:256) ~[CachingExec.class:4.3.5] at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:195) ~[ProtocolExec.class:4.3.5] at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:86) ~[RetryExec.class:4.3.5] at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108) ~[RedirectExec.class:4.3.5] at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) ~[InternalHttpClient.class:4.3.5] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72) ~[CloseableHttpClient.class:4.3.5] at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57) ~[CloseableHttpClient.class:4.3.5] at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.rewriteAndExecute(RestExecutor.java:607) ~[RestExecutor$MethodExecutor.class:na] at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.executeCrowdServiceMethod(RestExecutor.java:622) ~[RestExecutor$MethodExecutor.class:na] at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.andReceive(RestExecutor.java:464) ~[RestExecutor$MethodExecutor.class:na] at com.atlassian.crowd.integration.rest.service.RestCrowdClient.authenticateUser(RestCrowdClient.java:139) ~[RestCrowdClient.class:na] at com.atlassian.crowd.directory.RemoteCrowdDirectory.authenticate(RemoteCrowdDirectory.java:194) ~[RemoteCrowdDirectory.class:na] at com.atlassian.crowd.directory.DbCachingRemoteDirectory.authenticateAndUpdateInternalUser(DbCachingRemoteDirectory.java:295) ~[DbCachingRemoteDirectory.class:na] at com.atlassian.crowd.directory.DbCachingRemoteDirectory.authenticate(DbCachingRemoteDirectory.java:200) ~[DbCachingRemoteDirectory.class:na] at com.atlassian.crowd.manager.directory.DirectoryManagerGeneric.authenticateUser(DirectoryManagerGeneric.java:283) ~[DirectoryManagerGeneric.class:na] at com.atlassian.stash.internal.crowd.CustomizedDirectoryManager.authenticateUser(CustomizedDirectoryManager.java:53) ~[CustomizedDirectoryManager.class:na] at com.atlassian.crowd.manager.application.ApplicationServiceGeneric.authenticateUser(ApplicationServiceGeneric.java:196) ~[ApplicationServiceGeneric.class:na] at com.atlassian.stash.internal.crowd.CustomizedApplicationService.authenticateUser(CustomizedApplicationService.java:44) ~[CustomizedApplicationService.class:na] at com.atlassian.crowd.embedded.core.CrowdServiceImpl.authenticate(CrowdServiceImpl.java:68) ~[CrowdServiceImpl.class:na] ... 24 common frames omitted {noformat} h2. Workaround The workaround is to bypass the reverse proxy by setting up Stash to talk directly to your User Directory URL.

    Atlassian JIRA | 2 years ago | Thiago Bomfim [Atlassian]
    com.atlassian.stash.user.AuthenticationSystemException: The remote authentication server is not available. Please try again later.
  6. 0

    h3. Summary As of Java 1.8u51+ (also 1.7.0_85+ and 1.6.0_101+) making SSL connections to an IP address is no longer allowed. Previously the JVM would do a reverse lookup of the hostname using the IP then complete the connection using that hostname. This was a security vulnerability because an attacker that gained control of DNS could route traffic to their own server. This change is a security feature of Java. We have found there is a problem with the way Java creates LDAPS connections. The way Socket.createSocket() is used results in an SSLSocket without the hostname set in it. This results in use of an IP address to make the connection and since this is no longer allowed the connection fails. We have reported this problem to Oracle and also forwarded the information to the Java security dev list: http://mail.openjdk.java.net/pipermail/security-dev/2015-September/012845.html . Because of this _*existing LDAPS connections are broken*_ and users from that user directory are unable to login including non-local administrators. This will affect any customer using secure LDAP that upgrades the JVM. Secure LDAP is very common to protect passwords on the internal network, particularly in enterprise environments. h3. Environment * Any version of Stash using one of the noted Java versions. h3. Steps to Reproduce # Configure a user directory using a secure LDAP connection # Upgrade the JDK to a noted Java version. h3. Expected Results Logins and LDAP syncs should work as normal. h3. Actual Results Users will be unable to authenticate and LDAP syncs will fail. Errors like this will occur in the logs: {code:borderStyle=solid} 2015-07-22 12:43:05,896 WARN [http-bio-443-exec-1] @1SDVDDx763x1x0 XXXXX "POST /j_stash_security_check HTTP/1.1" c.a.s.i.s.s.PluginAuthenticationProvider Could not authenticate XXXXX; authentication by com.atlassian.stash.stash-authentication:crowdHttpAuthHandler failed com.atlassian.stash.user.AuthenticationSystemException: The remote authentication server is not available. Please try again later. at com.atlassian.stash.internal.crowd.RiotPolice.authenticate(RiotPolice.java:113) ~[stash-service-impl-3.11.1.jar:na] at com.atlassian.stash.internal.user.DefaultUserService.authenticate(DefaultUserService.java:108) ~[stash-service-impl-3.11.1.jar:na] ... ... 21 common frames omitted Caused by: org.springframework.transaction.CannotCreateTransactionException: Could not create DirContext instance for transaction; nested exception is org.springframework.ldap.CommunicationException: <DNS.NAME>:636; nested exception is javax.naming.CommunicationException: <DNS.NAME>:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address XXXXX found] at org.springframework.transaction.compensating.support.AbstractCompensatingTransactionManagerDelegate.doBegin(AbstractCompensatingTransactionManagerDelegate.java:90) ~[spring-ldap-core-2.0.2.RELEASE.jar:2.0.2.RELEASE] ... ... 22 common frames omitted Caused by: org.springframework.ldap.CommunicationException: <DNS.NAME>:636; nested exception is javax.naming.CommunicationException: <DNS.NAME>:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address XXXXX found] at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:108) ... ... 39 common frames omitted Caused by: javax.naming.CommunicationException: <DNS.NAME>:636 at com.sun.jndi.ldap.Connection.<init>(Unknown Source) ~[na:1.8.0_51] at com.sun.jndi.ldap.LdapClient.<init>(Unknown Source) ~[na:1.8.0_51] ... ... 43 common frames omitted Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address XXXXX found at sun.security.ssl.Alerts.getSSLException(Unknown Source) ~[na:1.8.0_51] at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) ~[na:1.8.0_51] ... ... 58 common frames omitted Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address XXXXX found at sun.security.util.HostnameChecker.matchIP(Unknown Source) ~[na:1.8.0_51] ... ... 67 common frames omitted {code} h3. Workaround *Option 1: Add JVM startup parameter {{-Djdk.tls.trustNameService=true}}* This reverts back to the older Java behavior while preserving all the other security related changes in the newer Java release. Your LDAP data will still be encrypted. The risk is described by Oracle in their explanation of the change at http://www.oracle.com/technetwork/java/javase/8u51-relnotes-2587590.html : {quote}If an application does need to perform reverse name lookup for raw IP addresses in SSL/TLS connections, and encounter endpoint identification compatibility issue, System property "jdk.tls.trustNameService" can be used to switch on reverse name lookup. Note that if the name service is not trustworthy, enabling reverse name lookup may be susceptible to MITM attacks.{quote} *Option 2: Under the LDAP connection "Advanced Settings" set "Secure SSL" to disabled* As stated in the UI this will disable all verification of the SSL certificate. Your LDAP data will still be encrypted. (!) This workaround may represent a greater vulnerability as any SSL cert could be substituted with no need to compromise a DNS server.

    Atlassian JIRA | 1 year ago | Christopher Parker [Atlassian]
    com.atlassian.stash.user.AuthenticationSystemException: The remote authentication server is not available. Please try again later.

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. com.atlassian.stash.user.AuthenticationSystemException

      The CAPTCHA service found itself in an awkward situation

      at com.atlassian.stash.internal.auth.DefaultCaptchaService.isCaptchaValid()
    2. com.atlassian.stash
      BeforeLoginPluginAuthenticationFilter.doFilter
      1. com.atlassian.stash.internal.auth.DefaultCaptchaService.isCaptchaValid(DefaultCaptchaService.java:219)[stash-service-impl-3.2.0.jar:na]
      2. com.atlassian.stash.internal.auth.DefaultCaptchaService.checkCaptcha(DefaultCaptchaService.java:97)[stash-service-impl-3.2.0.jar:na]
      3. com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.attemptAuthentication(PluginAuthenticationProvider.java:109)[PluginAuthenticationProvider.class:na]
      4. com.atlassian.stash.internal.spring.security.PluginAuthenticationProvider.authenticate(PluginAuthenticationProvider.java:59)[PluginAuthenticationProvider.class:na]
      5. com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:100)[StashAuthenticationFilter.class:na]
      6. com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:111)[BeforeLoginPluginAuthenticationFilter.class:na]
      7. com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:77)[BeforeLoginPluginAuthenticationFilter.class:na]
      7 frames
    3. com.atlassian.security
      TrustedApplicationsFilter.doFilter
      1. com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:100)[atlassian-trusted-apps-core-3.0.6.jar:na]
      1 frame
    4. com.atlassian.oauth
      OAuthFilter.doFilter
      1. com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69)[atlassian-oauth-service-provider-plugin-1.9.2_1406589600000.jar:na]
      1 frame
    5. com.atlassian.analytics
      DefaultAnalyticsFilter.doFilter
      1. com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:33)[analytics-client-3.35_1406589604000.jar:na]
      1 frame
    6. com.atlassian.core
      AbstractHttpFilter.doFilter
      1. com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)[atlassian-core-4.6.15.jar:na]
      1 frame
    7. com.atlassian.stash
      DefaultRequestManager.doAsRequest
      1. com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:89)[BeforeLoginPluginAuthenticationFilter.class:na]
      2. com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75)[BeforeLoginPluginAuthenticationFilter.class:na]
      3. com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:84)[stash-service-impl-3.2.0.jar:na]
      3 frames
    8. Hazelcast
      WebFilter.doFilter
      1. com.hazelcast.web.WebFilter.doFilter(WebFilter.java:446)[hazelcast-wm-3.3-RC2.jar:3.3-RC2]
      1 frame
    9. Java RT
      Thread.run
      1. java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)[na:1.7.0_65]
      2. java.lang.Thread.run(Thread.java:745)[na:1.7.0_65]
      2 frames