JIRA features that require password confirmation (websudo, captcha) do not work with custom authentication

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Won't Fix
    • None
    • Component/s: None
    • None

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      Confluence has had the ability to use websudo with a custom authenticator since 3.5, using password.confirmation.disabled flag (see CONF-20958).

      Why s there no such capability with JIRA?

      Doing something similar to isPasswordConfirmationDisabled() in com.atlassian.jira.security.websudo.InbuiltAuthenticatorCheck would bring some commonality between Confluence and JIRA.

      Why? I have implemented custom authenticators for JIRA and Confluence - based on MIDANAuthenticator - whilst waiting for a solution to JSD-1244. (Accepting that internal users with a Crowd account get SSO features but external JSD customers don't)

      With a custom authenticator I can still have websudo in Confluence; but not with JIRA.

            Assignee:
            Unassigned
            Reporter:
            Mark Bewley
            Votes:
            3 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: