Confluence Authentication Issues

This article covers known authentication issues in Confluence and possible solutions.
Tags:

What does a Successful Authentication look like?

To authenticate with Confluence using cookie-based authentication, WikiTraccs opens a browser window to let you log in.

Once you are logged in the browser window should close within about 30 seconds. This is normal behavior, indicating successful authentication.

WikiTraccs shows a success message if all authentication cookies could be retrieved. You can stop reading in this case.

If the browser window stays open for a long time after authenticating with Confluence then WikiTraccs is not able to detect your login, for whatever reason. In this case proceed with the troubleshooting sections below.

General Troubleshooting

First, close any open WikiTraccs window and re-start WikiTraccs. Sometimes this resolves issues with authentication. Also close any browser windows that WikiTraccs opened and that is still open.

If re-starting WikiTraccs doesn’t help check if you need additional or different authentication cookies for Confluence. Those can be configured in the advanced authentication configuration dialog. If you are using SSO solutions like Shibboleth you’ll most likely need additional cookies.

Or maybe the Confluence login timed out. WikiTraccs waits for some time for the authentication cookies to appear before giving up. Try to not take too much time for logging in as this might run into a timeout.

Workarounds

If the steps outlined in the previous section didn’t help then something is not right. WikiTraccs might have encountered a yet unsupported configuration of either Confluence or the system it is running on.

WikiTraccs has built-in ways to troubleshoot this. Try the steps outlined in the following sections.

1. Disable Context Path Check for Cookies

WikiTraccs makes assumptions about how the context path of Confluence and cookie data relates. Let’s disable those assumptions.

In appsettings.json, add the following setting:

{
    "CustomSettings": {
        "Debug": {
            "SkipConfluenceContextPathCookiePathMatching": true
        }
    }
}

If appsettings.json does not yet exist, create it and copy above snippet to the file.

If appsettings.json already exists, find the Debug section and add the SkipConfluenceContextPathCookiePathMatching property. Create the Debug section if necessary.

Re-start WikiTraccs and check if authentication now is possible.

If authentication still cannot be detected, proceed with the next section.

2. Provide Cookies manually

WikiTraccs just needs authentication cookie values and does not really care where they come from.

Let’s provide them manually via a text file.

We need to:

  • copy cookies from the browser to cookies.txt
  • copy the user ID to appsettings.json

Open Chrome (or Edge), navigate to Confluence and log in.

Still in the browser, press F12 to open the developer tools, and choose the Application tab.

Under Cookies, select the Confluence domain. A panel on the right side should show cookies.

Check that JSESSIONID is among those cookies. Unless the cookie name has been changed via server configuration. In this case check the configured name.

In the cookie panel, select all rows with the mouse and copy them to the clipboard.

Create a new file cookies.txt in either the WikiTraccs.GUI or WikiTraccs.Console folder (depending on what your are running). Have cookies.txt open in a text editor.

Paste the cookie values from the clipboard to the open text editor and save cookies.txt.

Here’s an animated GIF showing above steps:

Now go back to the browser. The developer tools should still be open.

Choose the Elements tab, expand the HTML head element and search for one of the following entries:

  • ajs-remote-user-key for Confluence on-prem (both Server and Data Center)
  • ajs-atlassian-account-id for Confluence Cloud

The ajs-remote-user-key content value (sample).

Put the ajs-remote-user-key content (on-prem) or ajs-atlassian-account-id content (Cloud) value to appsettings.json.

Here’s how it looks for Confluence on-prem:

{
    "CustomSettings": {
        "Debug": {
            "AjsRemoteUserKey": "8a848084865dd3b801865dd4dc420000"
        }
    }
}

Here’s how it looks for Confluence Cloud:

{
    "CustomSettings": {
        "Debug": {
            "AjsRemoteAccountId": "8a848084865dd3b801865dd4dc420000"
        }
    }
}

Note the name difference in above snippets: AjsRemoteUserKey (on-prem) vs. AjsRemoteAccountId (Cloud)

Having both cookies.txt and the appsettings.json configuration in place, restart WikiTraccs and retry starting a migration.

WikiTraccs now checks if cookies.txt exists and uses the cookie values instead of starting an interative browser login session. This should succeed.

Please get in touch if this still doesn’t work.

How to log out of Confluence?

When you log in to Confluence you can choose the Remember me option to stay logged in. This is very convenient during a migration since you are always logged in to Confluence without having to reenter your credentials.

But how to log out?

The solution is to delete the browser profile of the Chrome browser that WikiTraccs uses to log in to Confluence. The browser profile is stored in a temporary location, which by default is the Temp folder for your Windows user:

C:\Users\<username>\AppData\Local\Temp\<host-name-of-confluence>

  • <username> is your Windows user profile name
  • <host-name-of-confluence> resembles the host part of the Confluence base address, like confluence.contoso.com

Delete the whole <host-name-of-confluence> folder and you should be asked to log in again when starting your next migration. This will also recreate the folder.

Cannot find the folder? Have a look here on more information about this temporary folder and where you might find it: File Storage - Temporary Files

Last modified January 8, 2025