Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-3239

Support container managed authentication

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Low Engagement
    • None
    • None
    • 3
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Many SSO solutions integrate at the Tomcat layer by passing an authenticated user(name) to Tomcat. Inside the web application, this username is available through HttpServletRequest.getRemoteUser() and HttpServletRequest.getRemotePrincipal().

      Stash should accept this username as already authenticated and transparently log the user in with that username.

      Presumably, the SSO solution provides an external login page. Stash should redirect the user to a configurable login URL when authentication is required.

      Likewise, when the user logs out in Stash, the SSO session should be terminated. The logout success URL should be configurable as well.

      Finally, when a user has been authenticated using container managed authentication and the remoteUser name is no longer provided by the container, the user should be logged out of Stash.

      Questions:

      • Are the login and logout URLs optional or required?
      • Can the Remote User be spoofed through HTTP headers? Most SSO integrations seem to rely on the AJP connector and not use the HTTP connector. Not sure whether that is for security reasons.
      • Can container managed authentication support be enabled out of the box, or should it be explicitly enabled by sysadmins? Related to the previous questions.

          Form Name

            [BSERV-3239] Support container managed authentication

            Ishwinder Kaur made changes -
            Resolution New: Low Engagement [ 10300 ]
            Status Original: Gathering Interest [ 11772 ] New: Closed [ 6 ]

            Ishwinder Kaur added a comment -
            Atlassian Update - 15 April 2025

            Hello,

            Thank you for submitting this suggestion. We appreciate you taking the time to share your ideas for improving our products, as many features and functions come from valued customers such as yourself.

            Atlassian is committed to enhancing the security and compliance of our Data Center products, with an emphasis on sustainable scalability and improving the product experience for both administrators and end-users. We periodically review older suggestions to ensure we're focusing on the most relevant feedback. This suggestion is being closed due to a lack of engagement in the last four years, including no new watchers, votes, or comments. This inactivity suggests a low impact. Therefore, this suggestion is not in consideration for our future roadmap.

            Please note the comments on this thread are not being monitored.

            You can read more about our approach to highly voted suggestions here and how we prioritize what to implement here.

            To learn more about our recent investments in Bitbucket Data Center, please check our public roadmap and our dashboards, which contain recently resolved issues.

            Kind regards,
            Bitbucket Data Center

            Ishwinder Kaur added a comment - Atlassian Update - 15 April 2025 Hello, Thank you for submitting this suggestion. We appreciate you taking the time to share your ideas for improving our products, as many features and functions come from valued customers such as yourself. Atlassian is committed to enhancing the security and compliance of our Data Center products, with an emphasis on sustainable scalability and improving the product experience for both administrators and end-users. We periodically review older suggestions to ensure we're focusing on the most relevant feedback. This suggestion is being closed due to a lack of engagement in the last four years , including no new watchers, votes, or comments. This inactivity suggests a low impact. Therefore, this suggestion is not in consideration for our future roadmap. Please note the comments on this thread are not being monitored. You can read more about our approach to highly voted suggestions here and how we prioritize what to implement here. To learn more about our recent investments in Bitbucket Data Center, please check our public roadmap and our dashboards, which contain recently resolved issues . Kind regards, Bitbucket Data Center
            Ishwinder Kaur made changes -
            Labels New: cleanup-seos-fy25
            SET Analytics Bot made changes -
            UIS Original: 25 New: 3
            SET Analytics Bot made changes -
            UIS Original: 3 New: 25
            SET Analytics Bot made changes -
            UIS Original: 4 New: 3
            SET Analytics Bot made changes -
            UIS Original: 3 New: 4
            SET Analytics Bot made changes -
            UIS Original: 29 New: 3
            SET Analytics Bot made changes -
            UIS Original: 2 New: 29
            SET Analytics Bot made changes -
            UIS Original: 12 New: 2

              Unassigned Unassigned
              mheemskerk Michael Heemskerk (Inactive)
              Votes:
              20 Vote for this issue
              Watchers:
              13 Start watching this issue

                Created:
                Updated:
                Resolved: