Jira crashes suddenly - Githubissues

cloudflare / cloudflare-access-for-atlassian

Authenticate Atlasssian products when using Cloudflare Access

Other

46 stars 15 forks source link

Jira crashes suddenly #58

Closed tbrandstaetter closed 3 years ago

tbrandstaetter commented 4 years ago

Hello,

Our Jira was running fine with the plugin for a few months. Yesterday we also enabled this for Confluence. Unfortunately since then Jira is crashing around every ten minutes when the plugin is enabled. We disabled it now to provide a stable service. We disabled everything on Confluence (Cloudflare Access, the plugin) again just to make sure this does not cause further trouble.
Jira 8.7.1

Best regards, Thomas

iserko commented 4 years ago

@tbrandstaetter please provide logs, haven't experienced the same and am running Jira 8.7.1 and Confluence 7.3.2 both with 2.12.0 of the plugin

felipebn commented 4 years ago

@tbrandstaetter thanks for reporting this, I've have received the logs in my e-mail.

I'll be looking into it and come back to you.

felipebn commented 4 years ago

Reply received by email @ Jul 20th 2020:

Hello Felipe, Sorry for the delayed response, but we only now got a window where we could test this on our live environment again. “Unfortunately” during this test Jira didn’t crash, like it did before. It got less responsive and our logs got flooded with “invalid signature” warnings. The same thing happened on Confluence side. The attached log file is from 2020-07-13. We enabled the plugin again at 14:00 until 15:00. Please have a look at the logs and let me know if you could find anything new.

felipebn commented 4 years ago

Hi @tbrandstaetter ,

I reviewed the log and the code related to the messages and this is what I can tell you:

The invalid signature message is a warning due to how the code verifies the JWT signature, it's something I'm looking into to improve.
Looks like from the logs that you have many requests that are not going through Cloudflare as they don't have the token, is that correct?

One question to evaluate the impact of the current token validation logic: How many requests per second Jira/Confluence usually receive?

note: this was originally sent by e-mail

felipebn commented 4 years ago

@tbrandstaetter the release below includes the improvement I mentioned in the previous comment.

Please try that and comment in the issue in case you have errors or more actionable info regarding this.

https://github.com/cloudflare/cloudflare-access-for-atlassian/releases/tag/2.13.0

felipebn commented 3 years ago

Closing as no feedback received since last reply, please reopen if needed.