Thursday, 1 September 2011

Browse » Home » » » » JIRA Login Gadget and Dashboard Does not Work when Running behind a Load Balancer

JIRA Login Gadget and Dashboard Does not Work when Running behind a Load Balancer

Symptoms

  • After upgrading to JIRA 4.4, users are not able to login via login gadget.
  • Dashboard does not render after user logs in via login page.
  • The following appears in the atlassian-jira.log:
    2011-08-30 08:47:00,552 http-8180-7 ERROR anonymous 527x1499x1 1frwtec 192.168.13.5 /plugins/servlet/gadgets/dashboard-diagnostics [dashboard.internal.diagnostics.DiagnosticsServlet] DIAGNOSTICS: FAILED
    com.atlassian.gadgets.dashboard.internal.diagnostics.UrlSchemeMismatchException: Detected URL scheme, 'http', does not match expected scheme 'https'
    at com.atlassian.gadgets.dashboard.internal.diagnostics.Diagnostics.checkExpectedScheme(Diagnostics.java:59)
    at com.atlassian.gadgets.dashboard.internal.diagnostics.Diagnostics.check(Diagnostics.java:31)
    at com.atlassian.gadgets.dashboard.internal.diagnostics.DiagnosticsServlet.executeDiagnostics(DiagnosticsServlet.java

Diagnosis

  • The following settings appear in server.xml
    <Connector port="8080"
     maxThreads="150"
     minSpareThreads="25"
     maxSpareThreads="75"
     connectionTimeout="20000"
     enableLookups="false"
     maxHttpHeaderSize="8192"
     protocol="HTTP/1.1"
     useBodyEncodingForURI="true"
     redirectPort="8443"
     acceptCount="100"
     disableUploadTimeout="true"/>
     <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
     maxHttpHeaderSize="8192" SSLEnabled="true"
     maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
     enableLookups="false" disableUploadTimeout="true"
     acceptCount="100" scheme="https" secure="true"
     clientAuth="false" sslProtocol="TLS" useBodyEncodingForURI="true"/>

Cause

  • JIRA is running behind a load balancer with SSL Termination configured.
  • JIRA is expecting https scheme while http is detected.

Resolution

Comment out https setting in the server.xml and follow the "Alternative configuration if HTTPS is terminated on the proxy server" section in this guide. For example:
<Connector port="8080"
 maxThreads="150"
 minSpareThreads="25"
 maxSpareThreads="75"
 connectionTimeout="20000"
 enableLookups="false"
 maxHttpHeaderSize="8192"
 protocol="HTTP/1.1"
 useBodyEncodingForURI="true"
 redirectPort="8443"
 acceptCount="100"
 disableUploadTimeout="true"
 <!-- The below are new lines to add - the above is untouched -->
 scheme="https"
 proxyName="<proxy_server>"
 proxyPort="443"
/>
<!--
 <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
 maxHttpHeaderSize="8192" SSLEnabled="true"
 maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
 enableLookups="false" disableUploadTimeout="true"
 acceptCount="100" scheme="https" secure="true"
 clientAuth="false" sslProtocol="TLS" useBodyEncodingForURI="true"/>
-->

Advertisement:

No comments:

Post a Comment

Note: only a member of this blog may post a comment.