Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-7001

artifactory doesn't clean session-id after Crowd Server session expired

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: 3.4.2, 4.2.1
    • Fix Version/s: 4.3.0
    • Component/s: Crowd, Security
    • Labels:
      None

      Description

      Ticket: http://jfrog.freshdesk.com/helpdesk/tickets/25022
      Steps for reproducing was supplied by the client.

      1. Login to the admin->security->general and enable "allow anonymous access". (To ensure that anonymous access is allowed)
      2. admin->security->crowd integration enable and set session validation interval to smaller number so that an active session gets validated on crowd.(I set this to 1 minute)
      3. login to crowd and invalidate the user session that you have logged in from artifactory. (Note the browser still has the session as valid for crowd.token)
      4. after about 5 minutes(I have set it at 1 monute as per step 2) or visit one of the repository url directly eg: https://<DOMAIN.COM>/repository/test_repo (This will contain empty listing and the error you will see on the logs are as below)
      artifactory.log
      2014-12-02 13:03:36,587 [ajp-bio-8019-exec-6] [INFO ] (o.a.a.s.a.c.CrowdSsoAuthenticationFilter:75) - Unable to authenticate Crowd SSO request: Failed to find entity of type [com.atlassian.crowd.model.token.Token] with identifier [MG7Dwwg7OHamDrGjgpZgPw00]
      request.log
      20141202130237|394|REQUEST|10.105.64.10|non_authenticated_user|GET|/yum_ambari/|HTTP/1.1|200|0

        Attachments

          Activity

            People

            • Assignee:
              michaelp Michael Pasternak (Inactive)
              Reporter:
              chenk Chen Keinan
            • Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: