Unable to set Crowd SSO token java.lang.IllegalArgumentException: Cookie name [AbCdEfG123, crowd.token_key] is a reserved token
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
Crowd-supplied SSO login is looping after login, user never arrives at the application's landing page.
Environment
4.2.2
Diagnosis
The following message will be seen in atlassian-confluence.log
1
2
3
4
2021-08-19 14:03:26,810 https-jsse-nio-8443-exec-10 ERROR [crowd.integration.springsecurity.AbstractCrowdSSOAuthenticationProcessingFilter] Unable to set Crowd SSO token
java.lang.IllegalArgumentException: Cookie name [AbCdEfG123, crowd.token_key] is a reserved token
at javax.servlet.http.CookieNameValidator.validate(Cookie.java:405)
at javax.servlet.http.Cookie.<init>(Cookie.java:119)Cause
The "Cookie name[<anything>]is a reserved token" error is that the cookie's name has an invalid character. Please reference the original RFC for cookies (RFC6265), specifically the portion on the "Set-Cookie Header" for the expected syntax. Characters such as a comma (",") in this case is not allowed in a cookie's name.
Solution
Remove any illegal characters in the name of the cookie in Crowd's General Configuration screen. See RFC6265, specifically the portion on the "Set-Cookie Header" for the expected syntax.
Was this helpful?