Failed to create Application Links due to "We can't enable the incoming authentication because Confluence is not reachable"

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

    

Summary

The "We can't enable the incoming authentication because Confluence is not reachable" message error appears when creating an Application Link between Confluence and Jira or Bitbucket.

Environment

  • Confluence 7.11. or higher
  • EasySSO app 4.6.7 or below

Diagnosis

EasySSO plugin version 4.6.7 or below is enabled on Confluence and the following error messages are appearing on the atlassian-confluence.log:

atlassian-confluence.log 
2022-07-20 01:00:17,460 ERROR [https-jsse-nio2-8443-exec-3] [mywork.host.rest.ExceptionLogger] toResponse Exception thrown from REST resource
 -- url: /rest/mywork/1/client | traceId: 1bd6de9f3e5b6df9 | userName: anonymous
java.lang.IllegalStateException: Failed to obtain client registration lock, cannot update potential client e154d593-6c41-3466-8ca0-1689bdd022b1
	at com.atlassian.mywork.host.service.ClientServiceImpl.updatePotentialClient(ClientServiceImpl.java:362)
	at com.atlassian.mywork.host.service.ClientServiceImpl.updatePotentialClient(ClientServiceImpl.java:310)
	at com.atlassian.mywork.host.rest.ClientResource.clientRegistration(ClientResource.java:50)
	..
	at org.techtime.easysso.PrincipalUserComponent.processPrincipalUser(PrincipalUserComponent.java:161)
	at org.techtime.easysso.ntlm.statemachine.strategy.AbstractAllUploadedStrategy.doPrincipalFiltering(AbstractAllUploadedStrategy.java:125)
	at org.techtime.easysso.PrincipalFilter.doFilter(PrincipalFilter.java:27)
	at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62)
	at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37)
	at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57)
	at org.techtime.easysso.ntlm.statemachine.strategy.AbstractAllUploadedStrategy.doX509Filtering(AbstractAllUploadedStrategy.java:146)
	at org.techtime.easysso.x509.X509Filter.doFilter(X509Filter.java:27)
	at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62)
	...
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.techtime.easysso.ntlm.NtlmFilterComponent.invokeMethod(NtlmFilterComponent.java:649)
	at org.techtime.easysso.ntlm.NtlmFilterComponent.doFilter(NtlmFilterComponent.java:596)
	at org.techtime.easysso.ntlm.statemachine.strategy.FullyEnabledStrategy.doNTLMFiltering(FullyEnabledStrategy.java:62)
	at org.techtime.easysso.ntlm.JespaFilter.doFilter(JespaFilter.java:47)
	at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62)
	at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37)
	at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57)
	...
atlassian-confluence.log 
2022-07-25 15:40:28,166 WARN [AtlassianEvent::CustomizableThreadFactory-1] [applinks.internal.capabilities.DefaultRemoteCapabilitiesService] getApplinkSafe Exception trying to get Applink for manifest with ID e154d593-6c41-3466-8ca0-1689bdd022b1
 -- url: /rest/applinks/3.0/applicationlinkForm/manifest.json | traceId: 9a3c11ec53e97e5c | userName: jperun | referer: https://confluence-sbx.bottomline.tech/plugins/servlet/applinks/listApplicationLinks
2022-07-25 15:40:42,630 ERROR [https-jsse-nio2-8443-exec-2] [core.rest.ui.CreateApplicationLinkUIResource] tryToFetchManifest Exception thrown while retrieving manifest
 -- referer: https://confluence-sbx.bottomline.tech/plugins/servlet/applinks/listApplicationLinks | url: /rest/applinks/3.0/applicationlinkForm/manifest.json | traceId: 3ab2630190388774 | userName: jperun
java.net.URISyntaxException: Expected scheme-specific part at index 6: https:
	at java.net.URI$Parser.fail(URI.java:2848)
	at java.net.URI$Parser.failExpecting(URI.java:2854)
	at java.net.URI$Parser.parse(URI.java:3057)
	at java.net.URI.<init>(URI.java:588)
	at java.net.URL.toURI(URL.java:946)

Cause

Confluence from version 7.11 introduced a RemoteIPValve configuration element in server.xml of the Tomcat server:

server.xml 
...
<!-- http://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Remote_IP_Valve -->  
<Valve className="org.apache.catalina.valves.RemoteIpValve" /> 
...

This valve replaces the proxy IP in the request with the client IP and this is causing issues with EasySSO IP Filtering when you are trying to filter by the proxy IP.

Solution

You can choose one of the following solutions:

  1. Upgrade the EasySSO app to a newer version when available; or
  2. Disable the EasySSO app and create the Application Links


Last modified on Apr 7, 2023

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.