JIRA connector requests fail when using the JSESSIONID id issued
I'm seeing an issue where the connector succeeds on it's first request because it's using an Authorization header but on any subsequent request it is failing. I believe this may be related to session handling (perhaps even on the server) because:
* Request #1 uses Authorization and receives a JSESSIONID cookie value to use in future
* Request #2 uses only JSESSIONID and response is 404 "Not Found"
* If I replicate Request #2 manually but include the Authorization header (with or without the session cookie) it succeeds
* If I replicate Request #2 manually but only use the JSESSIONID value it fails with the same response as the connector gets
Is there a way to force the connector to only or always use the Authorization header and ignore the session cookie?
I'm using the JIRA connector in IDEA 2016.3 it's talking to the Atlassian hosted JIRA (version 1000.766.0 (Cloud) apparently).
Here's the log:
2017-02-24 09:25:55,279 [ 240499] DEBUG - httpclient.wire.header - >> "GET /rest/api/latest/search?jql=assignee+%3D+currentUser%28%29+and+resolution+%3D+Unresolved+and+%28project++%3D+%22FOO_PROJECT%22%29+order+by+updated&maxResults=20&fields=id,key,summary,description,created,updated,duedate,resolutiondate,assignee,reporter,issuetype,comment,status HTTP/1.1[\r][\n]"
2017-02-24 09:25:55,279 [ 240499] DEBUG - httpclient.wire.header - >> "Authorization: Basic nya-nya-nya-i-can't-hear-you[\r][\n]"
2017-02-24 09:25:55,279 [ 240499] DEBUG - httpclient.wire.header - >> "User-Agent: Jakarta Commons-HttpClient/3.1[\r][\n]"
2017-02-24 09:25:55,279 [ 240499] DEBUG - httpclient.wire.header - >> "Host: mygreatco.atlassian.net[\r][\n]"
2017-02-24 09:25:55,279 [ 240499] DEBUG - httpclient.wire.header - >> "[\r][\n]"
2017-02-24 09:25:55,782 [ 241002] DEBUG - httpclient.wire.header - << "HTTP/1.1 200 OK[\r][\n]"
2017-02-24 09:25:55,782 [ 241002] DEBUG - httpclient.wire.header - << "HTTP/1.1 200 OK[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "Server: nginx[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "Date: Fri, 24 Feb 2017 17:25:55 GMT[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "Content-Type: application/json;charset=UTF-8[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "Transfer-Encoding: chunked[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "Connection: keep-alive[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "Vary: Accept-Encoding[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "X-AREQUESTID: 565x3755x1[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "X-AUSERNAME: jstevenson[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "X-ATENANT-ID: mygreatco.atlassian.net[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "Cache-Control: no-cache, no-store, no-transform[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "X-Content-Type-Options: nosniff[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "Set-Cookie: JSESSIONID=ABCDEFGHIJKLMNOPQRSTUVWXYZ123456; Path=/; Secure; HttpOnly[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "Set-Cookie: atlassian.xsrf.token=B09C-ES5R-9ZFG-C7X5|86c524bbacc8599e082cefad3168b901780c445d|lin; Path=/; Secure[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "Strict-Transport-Security: max-age=315360000;includeSubDomains[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - httpclient.wire.header - << "[\r][\n]"
2017-02-24 09:25:55,783 [ 241003] DEBUG - llij.tasks.jira.JiraRepository - Status code: 200
2017-02-24 09:25:55,878 [ 241098] DEBUG - httpclient.wire.header - << "[\r][\n]"
2017-02-24 09:25:55,900 [ 241120] INFO - lij.tasks.impl.TaskManagerImpl - Total 624 ms to download 14 issues from 'https://mygreatco.atlassian.net' (pattern '')
2017-02-24 09:26:05,706 [ 250926] DEBUG - llij.tasks.jira.JiraRepository - URI: https://mygreatco.atlassian.net/rest/api/latest/issue/FP-1111/transitions?expand=transitions.fields
2017-02-24 09:26:05,707 [ 250927] INFO - llij.tasks.jira.JiraRepository - Basic authentication for subsequent requests was disabled
2017-02-24 09:26:05,708 [ 250928] DEBUG - httpclient.wire.header - >> "GET /rest/api/latest/issue/FP-1111/transitions?expand=transitions.fields HTTP/1.1[\r][\n]"
2017-02-24 09:26:05,708 [ 250928] DEBUG - httpclient.wire.header - >> "User-Agent: Jakarta Commons-HttpClient/3.1[\r][\n]"
2017-02-24 09:26:05,708 [ 250928] DEBUG - httpclient.wire.header - >> "Host: mygreatco.atlassian.net[\r][\n]"
2017-02-24 09:26:05,708 [ 250928] DEBUG - httpclient.wire.header - >> "Cookie: JSESSIONID=ABCDEFGHIJKLMNOPQRSTUVWXYZ123456[\r][\n]"
2017-02-24 09:26:05,708 [ 250928] DEBUG - httpclient.wire.header - >> "Cookie: atlassian.xsrf.token=B09C-ES5R-9ZFG-C7X5|86c524bbacc8599e082cefad3168b901780c445d|lin[\r][\n]"
2017-02-24 09:26:05,708 [ 250928] DEBUG - httpclient.wire.header - >> "[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "HTTP/1.1 404 Not Found[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "HTTP/1.1 404 Not Found[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "Server: nginx[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "Date: Fri, 24 Feb 2017 17:26:05 GMT[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "Content-Type: application/json;charset=UTF-8[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "Transfer-Encoding: chunked[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "Connection: keep-alive[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "Vary: Accept-Encoding[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "X-AREQUESTID: 566x3771x1[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "X-AUSERNAME: anonymous[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "X-ATENANT-ID: mygreatco.atlassian.net[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "Cache-Control: no-cache, no-store, no-transform[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "X-Content-Type-Options: nosniff[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "Set-Cookie: atlassian.xsrf.token=B09C-ES5R-9ZFG-C7X5|f52ba778bd29443dfb6ebda030808424be44d1eb|lout; Path=/; Secure[\r][\n]"
2017-02-24 09:26:05,756 [ 250976] DEBUG - httpclient.wire.header - << "[\r][\n]"
2017-02-24 09:26:05,757 [ 250977] DEBUG - llij.tasks.jira.JiraRepository - Status code: 404
2017-02-24 09:26:05,757 [ 250977] DEBUG - httpclient.wire.header - << "[\r][\n]"
2017-02-24 09:26:05,757 [ 250977] WARN - llij.tasks.jira.JiraRepository - "Issue does not exist or you do not have permission to see it."
2017-02-24 09:26:05,757 [ 250977] ERROR - intellij.tasks.impl.TaskUiUtil - Request failed. Reason: "Issue does not exist or you do not have permission to see it."
java.lang.Exception: Request failed. Reason: "Issue does not exist or you do not have permission to see it."
at com.intellij.tasks.jira.JiraRepository.executeMethod(JiraRepository.java:311)
请先登录再写评论。
https://developer.atlassian.com/blog/2015/06/discontinuing-ide-connectors-support/
This connector has been discontinued years ago. Issues are expected.
Perhaps I mistook the "Tasks and Context Management" plugin's Server entries for the old/discontinued JIRA connector.
The error is coming from the bundled Tasks interface which is configued ala https://www.jetbrains.com/help/idea/2016.3/enabling-integration-with-an-issue-tracking-system.html . I've added a JIRA server, which was provided as an option in the new server select list, and the error happens when the TODO list refreshes and when I try to select a new TODO item and IDEA tries to populate the "Update Issue State" dropdown.
Related issues:
https://youtrack.jetbrains.com/issue/IDEA-128706
https://youtrack.jetbrains.com/issue/IDEA-149504
Feel free to submit a new one with more details.
Hi Joe,
We deliberately decided to use cookie authentication sending "Authorization" header only with the first request because otherwise it had caused constant expiration of sessions in browser, and this authentication flow was recommended by Atlassian. However, it seems to have stopped working for some reason recently. The workaround is to use -Dtasks.jira.basic.auth.only=true debug flag in VM options/properties file as mentioned in this issue https://youtrack.jetbrains.com/issue/IDEA-165120.
Hi Mikhail, thanks, the tasks.jira.basic.auth.only workaround is getting me through for now. It seems like an issue on Atlassian's side so hopefully they get it sorted out soon.