Our jira instance accessible by our internal users and it can be accessed via intranet
Due this tight security setup, we couldn't integrate the third party application with our JIRA instance. example ...Smartsheet
So, now we have created the external public faced FQDN(DNS) and allowed particular API- IP address to access the instance.
So now we have two DNS, one for private user access and another for third party applications to access it.
If we configure both DNS separately its works.
Issue here is, how we can configure the two proxy name in server.xml configuration file? So that i can have one for internal users and another for third party integration without affecting anything?
Hi @Nic Brough [Adaptavist],
I have JIRA application which is allowed to access inside my corporate network. When Third party application hits to JIRA, it won't get response since my URL can be access inside the network.
To overcome this issue, I have created another URL and allowed third party application to access it.
So now I have two urls, one for private access and another one for third party application access it but I am not sure how to configure the two domain in jira
Hi @Mathiyalagan ,
We are in similar situation.
We have external URL for integrating with external apps. We have allowed few external IP addresses to access the Jira instance with external URL.
And, internal url is used by internal users. Base URL is internal URL. Proxyname in server.xml is same as base URL.
However, this doesn't work for external integrations that are configured using application link (OAuth) (Eg: smartsheet jira integration as it requires external URL must match proxyname in server.xml).
We reached out to Atlassian and they said they don't support multiple proxynames and it might break. They mentioned different URLs can cause security checks to fail with OAuth or SAML, etc. Jira is not currently designed to support multiple URL endpoints. https://jira.atlassian.com/browse/JRASERVER-69185
Could you please let me know if you have faced any issues by configuring two different proxy name on 8080 and 8081 ?
You will find the non-base-url proxy has the wrong url, so it will fail. All links given out by Jira will be for the base-url and you'll have problems authenticating the other one, gadgets and reports may fail, people will be directed to the base url unexpectedly, and so-on.
I would remove your second proxy, it's not going to work properly.
This is not related but looks like @Nic Brough _Adaptavist_ knows a lot about this. Can we configure two diferent connectors on server.xml, one for HTTP and another one for HTTPS? I think this should users let access by using HTTP but will show them an error, as URL BASE can be only one of them, true?+
I have achieved this by having two connector port in server.xml to handle this scenario. Configure 8080 and 8081 respectively for two different proxy name.
Allow one port for internal user and allow second port for third party integration. Please make sure you have tight security setup placed to make sure no data visibility for outside users.
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events