Constraint Violation When a User Tries to Login

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Symptoms

The following appears in the atlassian-confluence.log:

1 2 3 4 5 6 7 8 9 10 11 caused by: org.springframework.dao.DataIntegrityViolationException: Hibernate operation: could not insert: [com.atlassian.crowd.embedded.hibernate2.HibernateMembership#188383471]; SQL []; ORA-00001: unique constraint (CONFLUENCE.CWD_UNIQUE_MEMBERSHIP) violated ; nested exception is java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (CONFLUENCE.CWD_UNIQUE_MEMBERSHIP) violated at org.springframework.jdbc.support.SQLStateSQLExceptionTranslator.translate(SQLStateSQLExceptionTranslator.java:110) caused by: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (CONFLUENCE.CWD_UNIQUE_MEMBERSHIP) violated at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:440) 2012-12-18 15:07:49,153 INFO [TP-Processor14] [atlassian.crowd.directory.DelegatedAuthenticationDirectory] updateGroups Deleted user "user1"'s imported membership of remote group "group1" to directory "Delegated Authentication Directory". 2012-12-18 15:07:49,158 INFO [TP-Processor14] [atlassian.crowd.directory.DelegatedAuthenticationDirectory] importMembership Imported user "user1"'s membership of remote group "group1" to directory "Delegated Authentication Directory". 2012-12-18 15:07:49,162 ERROR [TP-Processor14] [sf.hibernate.util.JDBCExceptionReporter] logExceptions ORA-00001: unique constraint (CONFLUENCE.CWD_UNIQUE_MEMBERSHIP) violated

Diagnosis

If the group names set in LDAP are Uppercase and how they are shown in logs. In this example we see that GROUP1 is set like group1 in Crowd.

1 2012-12-18 15:07:49,158 INFO [TP-Processor14] [atlassian.crowd.directory.DelegatedAuthenticationDirectory] importMembership Imported user "user1"'s membership of remote group "group1" to directory "Delegated Authentication Directory".

Cause

The group is set as lowercase in Crowd when actually the original group in LDAP is uppercase.

Solution

Workaround

  1. Compare the groups in Crowd with the groups in LDAP to find out which are different (lowercase instead of uppercase).

  2. Remove the users from all these groups.

  3. Use GUI or SQL to remove the lowercase groups from the DB.

  4. Perform a Flush - Administration->Cache Statistics->Flush All

  5. Restart Confluence.

  6. Try to login with using a user that was inside on of the former group.

Updated on April 2, 2025
Platform
Data Center only
Product
Crowd Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community