I need to verify if http basic authentication is enabled on a particular jira instance. If I run createmeta calls against the REST api I get 401 unauthorized errors, which leads me to believe that http basic is disabled since these same curl calls work against another jira instanse I have access to and I can log in using a browser.
What's the easiest way to confirm in the jira configuration that http basic authentication has been disabled?
Run curl -v http://jira-urll?os_authType=basic to see the request and response headers when accessing JIRA.
If you see this response header:
WWW-Authenticate: Basic realm="protected-area"
Then you know HTTP Basic authentication is enabled.
As far as I know, there is no way to turn off HTTP Basic authentication in JIRA. You would only be able to achieve this by installing a custom Seraph authenticator in Confluence (eg. to enable single sign-on in your JIRA instance, for example).
Thank you! This is perfect. I believe this case is one of the Seraph authenticator having been installed, this gives me a much better understanding of what's going on.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Oops! Sorry, I've just realised there is a mistake in my answer. You need to run curl -v http://jira-url?os_authType=basic
The parameter on the end is important in order to make Seraph challenge you for basic authentication. Sorry for the confusion and sorry I didn't pick up on this earlier! Hope I didn't waste too much of your time.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi, I am trying to determine whether Basic Auth is enabled or not for my JIRA instance. As per other suggestion I tried below curl command
curl -v https://<JIRA-URL>?os_authType=basic
and got below headers in response.
WWW-Authenticate :Basic realm="protected-area"
WWW-Authenticate : OAuth realm="<JIRA-URL>"
I am bit confused with both Basic and OAuth being present in response.
I am getting 403 for all the REST calls being made with Basic auth even for GET
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.