Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Writing custom authentication

VinothR
VinothR June 29, 2015

Hi,

We have the following business requirement:

"If a login user is part of a "group" and he is part of range of IP address, then the user able to proceed login successfully.
But if the user is not part of the group and IP address, then the user should not be able to login at all."

I understand that this can be achieve via modification through Seraph, but due to I'm new into JIRA programming, I do not know how to begin with. I was referring to this site. https://docs.atlassian.com/atlassian-seraph/latest/sso.html

It would be very helpful if you could provide me step by step on how can i achieve this.

From my understanding, is this the right step to begin with?

1. Create a empty plugin from "atlas-create-jira-plugin" command
2. Create a java file and write custom authentication by extending "DefaultAuthenticator"
3. Import JIRA Seraph dependencies into pom.xml file
3. Compile and Package the plugin as JAR
4. Copy and Paste the compile JAR file into C:\Program Files\Atlassian\JIRA\atlassian-jira\WEB-INF\lib
5. Start JIRA

Please advice.

Thanks.

Watch
Like Juzer Ali likes this
2598 views

4 answers

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

0 votes
Siri Vias Khalsa
Siri Vias Khalsa August 11, 2016

For a situation like this, you could use a proxy that redirects the unallowed IPs to anywhere but Jira. Its pretty easy to setup in linux with iptables, and most proxies have restrictions built in.

Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 29, 2015
  1. Last time I was tinkering with it, I needed to manually place the .jar in the lib directory.
  2. Depends on where you are.  Atlas-create only creates the skeleton for you to start putting code into.  Creating the plugin module comes in when you need to add new modules to your addon - an authenticator may not need modules at all.
Reply
0 votes
VinothR
VinothR June 29, 2015

Hi Nic,

i got 2 questions:

  1. Do i have to copy and paste the JAR file into C:\Program Files\Atlassian\JIRA\atlassian-jira\WEB-INF\lib or i should upload the plugin through JIRA?
  2. Do i need to run "atlas-create-jira-plugin-module" command after run "atlas-create-jira-plugin" command?

Thx.

Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 29, 2015

Mostly the right steps, yes.  You're missing:

4.5 Amend the seraph-properties.xml to stop using the built-in authenticator and point to the one in your .jar

(You might have some "fun" with the ip address part of it too - ip addresses are easy to spoof, but also, you won't be able to get them in your code if there's any form of proxying happening)

Reply

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

Atlassian logo
Answers Developer Questions
TAGS
AUG Leaders

Atlassian Community Events

    See all events