-
Bug
-
Resolution: Fixed
-
High
-
2.3.3
-
Severity 1 - Critical
-
NOTE: This bug report is for JIRA Service Desk Server. Using JIRA Service Desk Cloud? See the corresponding bug report.
We have a plugin that injects some javascript into SD customer portal. This plugin embellishes some custom fields with HTML generated based on REST calls to the plugin's REST endpoints.
Our customer reported that their 'customer' users do not the proper embellishments, instead they get some Javascript error. It turned out that when a user who is not in jira-users (an SD 'customer') is accessing the page with our plugin on it, the plugin makes a REST call that gets 302-redirected to /servicedesk/customer/portal/1. Which means that everything gets broken. Adding @AnonymousAllowed annotation to the plugin's endpoint does not help, as it only works when the user is actually not logged-in. When they log in, apparently SD servlet filter (or whatever) redirects blindly to a bad place.
This is breaking our plugin in very bad ways and we are likely losing sales because of this.
Are there any workarounds for this behaviour? I have tried injecting a serlet filter, but it is not being invoked.
The plugin in question is https://marketplace.atlassian.com/plugins/com.spartez.jira.plugins.ephor-for-jira, but the behaviour can be trivially reproduced with any plugin that has a REST endpoint. Just log in as an SD 'customer' and go to plugin's REST endpoint
- relates to
-
-
- Closed
-
-
![[JIRA Server (Bulldog)]](/images/icons/generic_link_16.png "[JIRA Server (Bulldog)]")
JSDS-81
You do not have permission to view this issue
- depends on
-
SDECO-318 Failed to load
| Form Name | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
[JSDSERVER-1640] SD redirects calls to any plugin's REST endpoints to /servicedesk/customer/portal/1
| Workflow | Original: JSD Bug Workflow v5 - TEMP [ 2304557 ] | New: JAC Bug Workflow v3 [ 3126116 ] |
| Status | Original: Done [ 10044 ] | New: Closed [ 6 ] |
| Symptom Severity | Original: Critical [ 14430 ] | New: Severity 1 - Critical [ 15830 ] |
| Workflow | Original: JSD Bug Workflow v5 [ 2058392 ] | New: JSD Bug Workflow v5 - TEMP [ 2304557 ] |
| Workflow | Original: JSD Bug Workflow v5 - TEMP [ 2055382 ] | New: JSD Bug Workflow v5 [ 2058392 ] |
| Workflow | Original: JSD Bug Workflow v5 [ 1956180 ] | New: JSD Bug Workflow v5 - TEMP [ 2055382 ] |
| Workflow | Original: JSD Bug Workflow v4 [ 1615437 ] | New: JSD Bug Workflow v5 [ 1956180 ] |
| Description |
Original:
We have a plugin that injects some javascript into SD customer portal. This plugin embellishes some custom fields with HTML generated based on REST calls to the plugin's REST endpoints.
Our customer reported that their 'customer' users do not the proper embellishments, instead they get some Javascript error. It turned out that when a user who is not in jira-users (an SD 'customer') is accessing the page with our plugin on it, the plugin makes a REST call that gets 302-redirected to /servicedesk/customer/portal/1. Which means that everything gets broken. Adding @AnonymousAllowed annotation to the plugin's endpoint does not help, as it only works when the user is actually not logged-in. When they log in, apparently SD servlet filter (or whatever) redirects blindly to a bad place. This is breaking our plugin in very bad ways and we are likely losing sales because of this. Are there any workarounds for this behaviour? I have tried injecting a serlet filter, but it is not being invoked. The plugin in question is https://marketplace.atlassian.com/plugins/com.spartez.jira.plugins.ephor-for-jira, but the behaviour can be trivially reproduced with any plugin that has a REST endpoint. Just log in as an SD 'customer' and go to plugin's REST endpoint |
New:
{panel:bgColor=#e7f4fa} *NOTE:* This bug report is for *JIRA Service Desk Server*. Using *JIRA Service Desk Cloud*? [See the corresponding bug report|http://jira.atlassian.com/browse/JSDCLOUD-1640]. {panel} We have a plugin that injects some javascript into SD customer portal. This plugin embellishes some custom fields with HTML generated based on REST calls to the plugin's REST endpoints. Our customer reported that their 'customer' users do not the proper embellishments, instead they get some Javascript error. It turned out that when a user who is not in jira-users (an SD 'customer') is accessing the page with our plugin on it, the plugin makes a REST call that gets 302-redirected to /servicedesk/customer/portal/1. Which means that everything gets broken. Adding @AnonymousAllowed annotation to the plugin's endpoint does not help, as it only works when the user is actually not logged-in. When they log in, apparently SD servlet filter (or whatever) redirects blindly to a bad place. This is breaking our plugin in very bad ways and we are likely losing sales because of this. Are there any workarounds for this behaviour? I have tried injecting a serlet filter, but it is not being invoked. The plugin in question is https://marketplace.atlassian.com/plugins/com.spartez.jira.plugins.ephor-for-jira, but the behaviour can be trivially reproduced with any plugin that has a REST endpoint. Just log in as an SD 'customer' and go to plugin's REST endpoint |
| Link |
New:
This issue relates to |
| Status | Original: Released to Cloud [ 11373 ] | New: Done [ 10044 ] |
| Fix Version/s | New: 3.3.0 [ 61746 ] |