This question is very similar to :https://answers.atlassian.com/questions/13405994/setting-session-cookies-from-jira-servlet-filter-plugin-with-setloggedinuser
I have set up a servlet in JIRA parsing http request which comes from authenticator A. A has already done the authentication and will embed the passed user name in the http header.
What I need to do is to compare if the user is in JIRA directory and let the user log-in without asking him to enter password.
So how can I set some user (by their names) as logged in user without asking for password?
Thanks in advance,
Community moderators have prevented the ability to post new answers.
Before you go any further, you are using https right?
Start at https://docs.atlassian.com/atlassian-seraph/latest/sso.html - that was based on a doc I used ages ago to do something similar with SSL certificates.
Hi, Nic,
Thanks for your reply. Almost everyone will lead to that page. However, that SSO was across atlassian's product which means user somehow still need to use atlassian's authenticator (correct me if i'm wrong).
But what I'm trying to do here is to find a way to override atlassian's authenticator. You can even consider it as a back-door plugin.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
No, you've misunderstood it. That page shows you how to write an authenticator that can replace the Atlassian one. The missing bit is that you don't override or replace it, you just tell seraph to use your class instead of the internal one in the atlassian app. Again though - do NOT try this unless you're using https.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.