Uploaded image for project: 'Bitbucket Server'
  1. Bitbucket Server
  2. BSERV-9604

As an administrator, I want to be able to disable HTTP for git operations even if git LFS is enabled

    XMLWordPrintable

    Details

    • UIS:
      2
    • Feedback Policy:
      We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Description

      Problem Definition

      As long as HTTPS is a requirement of using LFS, it should be possible to enable LFS over HTTPS without enabling HTTPS for standard Git transactions. There are teams that have a requirement to use SAML, which Git + HTTP cannot support, leaving SSH only as an option. However, even when using SSH, users of Git-LFS need to open an HTTP connection (using another built-in form of auth).

      Suggested Solution

      In such a configuration, ideally it should be possible to send back a clear message of denial to any git client attempting to access Bitbucket when git via HTTPS has been disabled. My experience has been that the git client can't handle such errors gracefully, normally only returning the first four characters of the server message. In that case, it would be pretty clear simply to return a message beginning with "DENY", which the user could then look up in Atlassian documentation.

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              cglockner Christian Glockner
              Votes:
              6 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated: