-
Suggestion
-
Resolution: Fixed
-
None
-
None
When CWD-314 was implemented we were able to meet the current functionality for JIRA & Confluence integration by having Crowd's JIRA integration (via Seraph) use the credentials present in the URL to be used for that given request; when grabbing RSS feeds from JIRA.
To take this one step further we should now use the authenticated 'browser user' and not the credentials present in the request to authenticate the user; however we may need to keep backwards compatibility here by allowing both.
Currently the Confluence jiraissue macro makes its request on the server side to JIRA, this means that Confluence is making the request to JIRA and not the browser, so any credentials present in the browser session are not used by Confluence for the request. We have two options (from what I can see to implement this feature):
- Provide a configuration item to the jiraportlet marco to tell it to grab the Crowd authentication token from the users session (cookie) and use that (assuming that we are on the same domain).
- Re-write the plugin as an 'ajax-based' macro so the browser makes the request and not Confluence, this would then simply use the currently authenticated Confluence user for the request on JIRA.
- relates to
-
CONFSERVER-1595 Better authentication method for jiraissues and jiraportlet macros
- Closed
-
CWD-48 Confluence JIRA portlet plugin to use the Crowd security framework for authentication.
- Closed
[CWD-523] The Confluence JIRA Issue macro currently uses the hard coded os_username and os_password properties for authentication, it would be nice to use the authenticated user in the browser.
Workflow | Original: JAC Suggestion Workflow [ 3389076 ] | New: JAC Suggestion Workflow 3 [ 3630908 ] |
Status | Original: RESOLVED [ 5 ] | New: Closed [ 6 ] |
Workflow | Original: Simplified Crowd Development Workflow v2 [ 1392966 ] | New: JAC Suggestion Workflow [ 3389076 ] |
Issue Type | Original: Improvement [ 4 ] | New: Suggestion [ 10000 ] |
Link | New: This issue relates to CONFCLOUD-1595 [ CONFCLOUD-1595 ] |
Workflow | Original: Crowd Development Workflow v2 [ 272877 ] | New: Simplified Crowd Development Workflow v2 [ 1392966 ] |
Workflow | Original: Feature Request Workflow [ 173964 ] | New: Crowd Development Workflow v2 [ 272877 ] |
Workflow | Original: jira [ 86909 ] | New: Feature Request Workflow [ 173964 ] |
Fix Version/s | Original: 1.3 - Items to Consider [ 12268 ] |
Resolution | New: Fixed [ 1 ] | |
Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
Versions of JIRA and Confluence have been released that provide Trusted Application support, allowing secure communication between the applications.
This issue is therefore moot. If you have concerns or would like additional functionality, as always, please let us know.