Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-31953

Not being able to create webhooks with basic authentication.

    XMLWordPrintable

    Details

    • UIS:
      238
    • Support reference count:
      35
    • Current Status:
      Hide
      Atlassian Update – 8th February 2018

      Hi all,

      Thanks for your interest in this issue.

      While this suggestion has gathered significant interest, we're unable to implement all of the excellent suggestions you make. We appreciate the benefits of such requests, but don't plan to work on this for the foreseeable future.

      This suggestion will be reviewed in about 12 month's time, at which point we’ll consider whether we need to alter its status.

      Cheers,
      Jira Server Product Management

      Show
      Atlassian Update – 8th February 2018 Hi all, Thanks for your interest in this issue. While this suggestion has gathered significant interest, we're unable to implement all of the excellent suggestions you make. We appreciate the benefits of such requests, but don't plan to work on this for the foreseeable future. This suggestion will be reviewed in about 12 month's time, at which point we’ll consider whether we need to alter its status. Cheers, Jira Server Product Management
    • Feedback Policy:
      We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Description

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      Using the procedures to use basic auth described on

      https://extranet.atlassian.com/display/SUPPORT/Webhooks+readiness+for+JIRA+5.2

      we are getting a "Invalid URL" message.

      workaround
      For Atlassian applications, the REST plugin : https://developer.atlassian.com/display/DOCS/REST+and+os_authType allows you to apend the authentication type to the URL. This can be adapted as a workaround. When I add the os_oauthtype to the URL, it works:

      http://localhost:10520/bamboo52/rest/api/latest/server/pause?os_authtype=basic&os_username=admin&os_password=admin
      

      Note: While this workaround works, it's not great because applications frequently log URLs (for example, Apache can be configured that way) and this means that the password will be leaked, which is not desirable. The risk is highly reduced for users who are not logging access to their system and who are running behind https. We will advice that users take necessary steps to further secure access if they are using this method of authentication.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              llima LucasA
              Votes:
              248 Vote for this issue
              Watchers:
              162 Start watching this issue

                Dates

                Created:
                Updated: