Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Example of custom Fisheye authenticator?

Keith Kwiatek
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
September 11, 2015

Hello,

1. We currently have fisheye fecru-3.5.2 installed and working using standard username and password authentication. We would like to write a custom authenticator to enable SSO/kerberos via an apache mod_auth_kerb+proxy module (we have successfully done this for jira)

2. Basically the apache mod_auth_kerb performs the kerberos authorization and if successful, passes the username (via a header) to the backend server -in this case Fisheye (or Jira). 

3. From reading the fisheye doc below, it seems that we are able to write a custom authenticator. But can you provide guidance on which methods need to be over written? Can anyone provide a sample custom authenticator? What is the process flow for the custom authenticator? 

4. I see that the "checkRequest" method says "Called to allow implementations to determine if the request is pre-authenticated, bypassing FishEye's own HTTP authentication." Is this what we would use in our custom authenticator to take the "request", then grab the username and generate an auth token to fishey? 

https://confluence.atlassian.com/fisheye/custom-authentication-298976833.html

https://docs.atlassian.com/fisheye/2.0.

1 answer

1 vote
lpater
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 27, 2015

Hi Keith,

I've uploaded two simple authenticator examples at https://bitbucket.org/lpater/fisheye-authenticator-examples, hope these will get you going.

When writing a custom authenticator you should extend AbstractFishEyeAuthenticator, instead of implementing the interface directly.

The important methods to implement are checkPassword (to verify username+passwords for users logging in), recreateAuth - to recreate tokens for previously authenticated users. Both of these return an AuthToken, which you also need to provide an implementation for - an AuthToken is a small object representing a user. See the linked examples for some more details.

Best regards,

Łukasz Pater

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events