Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Do the Login & Logout events exist and are they exploitable with ScriptRunner?

Environment : Cloud (Confluence, JSD, JSW)

Hello everyone,

The events I'm finding in the documentations are related to the Atlassian tooling (issues, pages, etc.). 

I can't seem to find the answer so here is the question : can I use ScriptRunner to trigger an action on login / on logout

About the use-cases:

- For the login, I'm trying to exploit some custom SAML attributes that I'm receiving from an identity provider on login (I'm using SAML SSO).

- For the logout, I want to call an API to notify the identity provider that the user logged-out (there's no logout binding).

Thank you all in advance,

Regards,

Dylan

1 answer

1 accepted

1 vote
Answer accepted

I've been able to trigger some actions on login event.

But I am not sure how you would tie in your login event script with the SAML attributes unless you can make some api call back to your saml idp and retrieve those attributes again.

However, with SAML SSO (reichert solution) I am not detecting any logout event.

If you can't do logout binding, perhaps you can trick your system by hiding the default logout link, and substitute your own that would go to a scriptrunner rest api and after your script runs, you redirect the user to the default logout page.

Looks like I am able to detect the logout even if I disable the Logout Redirection  from my SAML plugin.

Hi @Peter-Dave Sheehan and thanks!

Your answers are quite encouraging for the current investigation and I thank you very much for the side-tips about the use-cases.

I'd like to know where you went to detect the events / how you did it. Can you redirect me to some documentation please ? I can't seem to go further than manipulating existing events in the "Script Listeners" tab / testing code in the "Script Console" tab.

Thanks a lot again,

Regards,

Dylan

Well, the Script Listener tab is where you want to be.

  1. Create a new custom script listener,
  2. select LoginEvent or LogoutEvent in the  Events to listen too,
  3. Write a script for what you want to do when that event is detected

In my case all I did was write a line of text to the log:

2020-10-20 10_30_15-Window.png

Then I tailed the log while logging out with a test account and saw that line go in the log.

Both the LoginEvent and the LogoutEvent generate an UserEvent (as subclasses). 

You can see the documentation for those event classes here: https://docs.atlassian.com/software/jira/docs/api/8.11.1/com/atlassian/jira/event/user/UserEvent.html

You will see that there isn't a whole lot of information in those classes, but at least the user is there, that's probably the most critical piece.

The rest of the script will really be depending on what you intend to do.

The only other documentation I can point you to is the generic custom listener page at adaptivist: https://scriptrunner.adaptavist.com/6.5.0-p5/jira/listeners.html#_custom_listeners

Thank you very much @Peter-Dave Sheehan, that's very informative.

However, I noticed that I'm talking about ScriptRunner for Jira Cloud and you're talking about ScriptRunner for Jira Server.

As such, I can't find the same events and I can't even find the "Custom Listeners" tab. 

Should I give up?

Thanks again,

Regards,

Dylan

My bad... I completely missed that you were working with Cloud.

Unfortunately, I know nothing of the capabilities and limitations of scriptrunner in a cloud environment. Especially with regards to listeners.

At a quick glance, there doesn't appear to be any login/logout event that can be used in a cloud listener. There is user_created, user_deleted and user_updated events only

It's alright, I learned a lot thanks to you :-).

I'll do with what I have and suggest different behaviours to the client.

Thanks a lot for your time, I really appreciate it.

Regards,

Dylan

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Trello

📹 What is a Trello board?

Hi, Atlassian Community! My name is Brittany Joiner and I am a Trello enthusiast and Atlassian Community Leader. I'll be sharing with you a series of videos with my top tips on how to best use Tre...

0 views 0 2
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you