Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-67979

Deprecate support for authenticating using os_username, os_password as url query parameters

    XMLWordPrintable

    Details

    • Introduced in Version:
      7.12
    • Symptom Severity:
      Severity 2 - Major
    • Bug Fix Policy:
    • Current Status:
      Hide
      Atlassian Update – 21 December 2018

      Dear Jira users,

      We’re glad to announce that this issue will be addressed in our upcoming 8.0 release.

      You can find more details about our 8.0 beta release here — https://community.developer.atlassian.com/t/beta-for-jira-8-0-is-up-for-grabs/25588

      Looking forward to your feedback!

      Kind regards,
      Syed Masood
      Product Manager, Jira Server and Data Center

      Show
      Atlassian Update – 21 December 2018 Dear Jira users, We’re glad to announce that this issue will be addressed in our upcoming 8.0 release. You can find more details about our 8.0 beta release here — https://community.developer.atlassian.com/t/beta-for-jira-8-0-is-up-for-grabs/25588 Looking forward to your feedback! Kind regards, Syed Masood Product Manager, Jira Server and Data Center

      Description

      Problem

      Support for using os_username and os_password to authenticate when used as url query parameters has been deprecated in Jira 8.0.0.

      It is possible to disable support for os_username & os_password as url query parameters for authentication by setting allowUrlParameterValue to false in <JIRA_install>/atlassian-jira/WEB-INF/web.xml .
      example: 

          <filter>
        <filter-name>login</filter-name>
        <filter-class>com.atlassian.jira.web.filters.JiraLoginFilter</filter-class>
        <init-param>
            <param-name>allowUrlParameterValue</param-name>
            <param-value>false</param-value>
        </init-param>
    </filter>

        Attachments

          Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-38548 Remove url parameter support for os_username, os_password

          • Medium - Medium priority issues
          • Closed
          mentioned in

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              dblack David Black
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: