Unable to sync with JIRA's User Directory due to NullPointerException Caused by the Jespa Plugin

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Symptoms

Confluence is unable to sync with JIRA's user directory (synchronization fails at every attempt)

The following appears in the atlassian-confluence.log:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 2012-07-11 17:50:51,338 http-8080-22 ERROR [500ErrorPage.jsp] Exception caught in 500 page null java.lang.NullPointerException at com.atlassian.seraph.auth.DefaultAuthenticator.getUserFromBasicAuthentication(DefaultAuthenticator.java:550) at com.atlassian.seraph.auth.DefaultAuthenticator.getUser(DefaultAuthenticator.java:336) at org.techtime.jira.authenticators.JespaAuthenticator.getUser(JespaAuthenticator.java:102) at com.atlassian.seraph.auth.AbstractAuthenticator.getUser(AbstractAuthenticator.java:45) at org.techtime.jira.servlets.JespaFilter.getRemoteUser(JespaFilter.java:41) at org.techtime.atlassian.authentication.AbstractJespaFilter.needsFiltering(AbstractJespaFilter.java:117) at org.techtime.atlassian.authentication.AbstractJespaFilter.doFilter(AbstractJespaFilter.java:75) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66) at com.atlassian.crowd.plugin.rest.filter.BasicApplicationAuthenticationFilter.doFilter(BasicApplicationAuthenticationFilter.java:67)

Diagnosis

Either run this query in Confluence's Database:

1 SELECT * FROM cwd_directory_attribute;

Or obtain the Directory Configuration Summary from Confluence Admin >> User Directories >> Directory Configuration Summary , and make sure that the JIRA directory's configuration is accurate (correct URL, application name, and password). If all of these is verified and true, and you get the stack trace as per above, with this class:

1 at org.techtime.jira.authenticators.JespaAuthenticator.getUser

Proceed to the resolution below.

Cause

The Jespa SSO plugin is expecting NTLM authentication, when Confluence attempts to authenticate to JIRA via Basic Auth, resulting in a NPE.

Solution

Resolution

  1. Disable the Jespa Plugin, by disabling the plugin in JIRA Administration >> Plugins

  2. Modify JIRA's WEB-INF/classes/seraph-config.xml and comment out this authenticator:

    1 <authenticator class="org.techtime.jira.authenticators.JespaAuthenticator"/>

  3. Then uncomment the default JIRA authenticator:

    1 <authenticator class="com.atlassian.jira.security.login.JiraSeraphAuthenticator"/>

  4. Restart JIRA

Updated on April 15, 2025
Platform
Data Center only
Product
Confluence Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community