Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-10575

Bamboo is failing to set the required request params when indicating that a request is a trusted apps request

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Low Low
    • 3.4.4, 4.0 M2
    • None
    • None
    • None

      This is only causing issues when Bamboo is configured with Crowd for SSO. Crowd's SSO Authenticator is looking for a specific request parameter to validate that a request is coming via Trusted Apps.

      This value is being set, then unset through the bamboo authentication filter lifecycle.

      The specific code in Crowd that is doing the check is the following:

          private boolean isTrustedAppsRequest(HttpServletRequest request)
    {
        if (BaseLoginFilter.LOGIN_SUCCESS.equals(request.getAttribute(BaseLoginFilter.OS_AUTHSTATUS_KEY)))
        {
            if (logger.isDebugEnabled())
            {
                logger.debug("User IS authenticated via previous filter/trusted apps");
            }
            return true;
        }

        return false;
    }

      Specifically

      "os_authstatus" = "success"

              mwent Marek Went (Inactive)
              justin@atlassian.com Justin Koke
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: