Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-26644

302 redirect is not being followed and the JIRA Issues macro

XMLWordPrintable

    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      The rest calls for the JIRA issues macro are not properly following 302 redirects. When returning from a shibboleth authenticator you are also forwarding shibboleth cookie data. The JIRA issues macro is parse the 302 response which is invalid data. Preferred behavior is to test for the 302 redirect and if it exists redirect the call back to the original REST api call. this will ensure the the proper JSON output 

      
[~]$ openssl s_client -CAfile AddTrustExternalCARoot.crt -connect jira.xxxx.com:443
CONNECTED(00000003)
depth=2 /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
verify return:1
depth=1 /C=US/O=Internet2/OU=InCommon/CN=InCommon Server CA
verify return:1
depth=0 /C=US/2.5.4.17=53706/ST=ST/L=City/2.5.4.9=1234 Main Street/O=Organization/OU=Operational Unit/CN=jira.xxxx.com
verify return:1
---
Certificate chain
 0 s:/C=US/2.5.4.17=53706/ST=ST/L=City/2.5.4.9=1234 Main Street/O=Organization/OU=Operational Unit/CN=jira.xxxx.com
   i:/C=US/O=Internet2/OU=InCommon/CN=InCommon Server CA
 1 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
 2 s:/C=US/O=Internet2/OU=InCommon/CN=InCommon Server CA
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
 3 s:/C=US/2.5.4.17=53706/ST=ST/L=City/2.5.4.9=1234 Main Street/O=Organization/OU=Operational Unit/CN=jira.xxxx.com
   i:/C=US/O=Internet2/OU=InCommon/CN=InCommon Server CA
---
Server certificate
-----BEGIN CERTIFICATE-----
I assure you I am a certificate
-----END CERTIFICATE-----
subject=/C=US/2.5.4.17=53706/ST=ST/L=City/2.5.4.9=1234 Main Street/O=Organization/OU=Operational Unit/CN=jira.xxxx.com
issuer=/C=US/O=Internet2/OU=InCommon/CN=InCommon Server CA
---
No client certificate CA names sent
---
SSL handshake has read 5713 bytes and written 343 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: Session-ID
    Session-ID-ctx: 
    Master-Key: I assure you I am key
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1347681912
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
GET https://jira.xxxx.com/jira/sr/jira.issueviews:searchrequest-rss/12456/SearchRequest-12456.xml?tempMax=1000
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://confluence.xxxx.com/DS/WAYF?entityID=https%3A%2F%2Fjira.xxxx.com%2Fshibboleth&amp;return=https%3A%2F%2Fjira.xxxx.comhttps%3A%2FShibboleth.sso%2FDS%3FSAMLDS%3D1%26target%3Dss%253Amem%253A61c65287d6bd8695b4fb73b7de01681ab016837d">here</a>.</p>
</body></html>
closed

      Improvement Request

      The decision not to follow redirects is valid for Confluence, and Atlassian products. However it has an unintended side-effect when used with the Shibboleth Authenticator Plugin, so the behaviour could be improved.

              Unassigned Unassigned
              dborcherding DanielA
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: