
Setting session cookies from JIRA servlet filter plugin with setLoggedInUser()

Evan Sonderegger
March 10, 2015

I am attempting to write a servlet filter plugin to handle authentication for our JIRA installation with SiteMinder.

The workflow I'm hoping to achieve is:

1. User attempts to access a JIRA URL. SiteMinder intercepts that request and injects HTTP headers with values for username, email, and display name.

2. The plugin checks for the SiteMinder username header. If a JIRA user matching that name exists, log them in as that user.

3. If the JIRA user does not exist, create a user with the username, email, and display name from the SiteMinder headers.

And this is the code I'm using to accomplish that (inside a servlet filter plugin):

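// Imports this method needs (at the top of the filter class's source file):
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import com.atlassian.crowd.embedded.api.User;
import com.atlassian.jira.component.ComponentAccessor;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.user.util.UserManager;
import com.atlassian.jira.user.util.UserUtil;

  public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
      throws ServletException, IOException
  {
    HttpServletRequest httpReq = (HttpServletRequest) req;
    final JiraAuthenticationContext jiraAuthenticationContext = ComponentAccessor.getJiraAuthenticationContext();
    UserUtil myUserUtil = ComponentAccessor.getUserUtil();
    UserManager myUserManager = ComponentAccessor.getUserManager();

    // SM_USER is trusted as-is; that is only safe when JIRA is reachable solely through SiteMinder.
    String smUserHeader = httpReq.getHeader("SM_USER");
    if (smUserHeader == null)
    {
      // No SiteMinder identity on this request: pass it on instead of throwing a NullPointerException.
      chain.doFilter(req, resp);
      return;
    }
    String username = smUserHeader.toLowerCase();

    if (myUserUtil.userExists(username))
    {
      // Existing JIRA user: log them in.
      jiraAuthenticationContext.setLoggedInUser(myUserUtil.getUserByName(username));
    }
    else {
      try {
        // Unknown user: create the account from the SiteMinder-supplied attributes.
        String smEmailHeader = httpReq.getHeader("SM_MAIL");
        String smFullNameHeader = httpReq.getHeader("SM_CN");

        String randomPassword = myUserManager.generateRandomPassword();
        User aNewUser = myUserUtil.createUserNoNotification(username, randomPassword, smEmailHeader, smFullNameHeader);

        jiraAuthenticationContext.setLoggedInUser(myUserUtil.getUserByKey(ComponentAccessor.getUserKeyService().getKeyForUser(aNewUser)));
      } catch (Exception e) {
        // Log the cause so a failed account creation can be diagnosed.
        log.error("problem creating user", e);
      }
    }
    chain.doFilter(req, resp);
  }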

The problem I'm running into is that the cookies are not being set for X-AREQUESTID, X-ASESSIONID, and X-AUSERNAME, so all requests to /jira/rest and /jira/plugins are failing.

Has anyone run into this before? Am I going about the task of writing a single sign on plugin completely wrong?

Thanks in advance for any help.
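
An added example (not part of the original post, and not Atlassian or SiteMinder code): one way to check the SM_USER, SM_MAIL and SM_CN headers before a filter like the one above logs a user in or creates an account from them. The class name, the trusted proxy address and the username pattern are assumptions, and it needs Java 11 or later; in a filter, the arguments would come from req.getRemoteAddr() and the request's header values.

```java
import java.util.*;
import java.util.regex.Pattern;
/** Hypothetical helper: checks SiteMinder identity headers before a filter trusts them. */
public final class SiteMinderIdentity {
    // Assumption: address of the SiteMinder-protected proxy in front of JIRA (constructed value).
    private static final Set<String> TRUSTED_PROXIES = Set.of("10.0.0.5");
    // Assumption: site policy for acceptable usernames.
    private static final Pattern USERNAME = Pattern.compile("[a-z0-9._-]{1,64}");
    private static final Pattern EMAIL = Pattern.compile("[^@\\s]+@[^@\\s]+");

    // email and fullName are null when the header was absent, repeated or malformed.
    public final String username, email, fullName;

    private SiteMinderIdentity(String u, String e, String n) { username = u; email = e; fullName = n; }

    /** Account creation needs all three attributes; login of an existing user needs only the name. */
    public boolean canProvision() { return email != null && fullName != null; }

    /** Returns the identity, or empty when the request must not be logged in from headers. */
    public static Optional<SiteMinderIdentity> from(String remoteAddr, Map<String, List<String>> headers) {
        // A request that did not come through the proxy may carry client-supplied SM_* headers.
        if (!TRUSTED_PROXIES.contains(remoteAddr)) return Optional.empty();
        String user = single(headers, "SM_USER");
        if (user == null) return Optional.empty();
        user = user.trim().toLowerCase(Locale.ROOT); // locale-independent lower-casing
        if (!USERNAME.matcher(user).matches()) return Optional.empty();
        String mail = single(headers, "SM_MAIL");
        if (mail != null && !EMAIL.matcher(mail).matches()) mail = null;
        String name = single(headers, "SM_CN");
        if (name != null && name.isBlank()) name = null;
        return Optional.of(new SiteMinderIdentity(user, mail, name));
    }

    /** An absent or repeated header is treated as missing. Keys are assumed upper-cased by the caller. */
    private static String single(Map<String, List<String>> headers, String name) {
        List<String> values = headers.getOrDefault(name, List.of());
        return values.size() == 1 ? values.get(0) : null;
    }

    public static void main(String[] args) {
        // Constructed sample requests: via the proxy, direct from a client, and with a repeated header.
        Map<String, List<String>> ok = Map.of("SM_USER", List.of("JDoe"),
                "SM_MAIL", List.of("jdoe@example.com"), "SM_CN", List.of("Jane Doe"));
        System.out.println(from("10.0.0.5", ok).map(i -> i.username).orElse("rejected"));
        System.out.println(from("203.0.113.9", ok).isPresent());
        Map<String, List<String>> dup = new HashMap<>(ok);
        dup.put("SM_USER", List.of("admin", "jdoe"));
        System.out.println(from("10.0.0.5", dup).isPresent());
    }
}
```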

1 answer


0 votes
Daniel Wester
March 10, 2015