Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Connection between JIRA 6.2.4 and Fisheye 3.4.3 even possible?

Martin Kautz2
Martin Kautz May 13, 2014

Former working connection via "Trusted application" broke after upgrading both JIRA and FishEye.
Is it right that we need to switch to OAuth now as suggested by the link?

https://answers.atlassian.com/questions/266677/jira-6-2-jira-is-having-difficulty-contacting-fisheye-if-this-condition-persists-please-contact-your-jira-administrators

What could be the reason that in JIRA's application link to fisheye the tabs for "Trusted application" and "OAuth" always fails to load for "Outgoing connections" (infinite spinning progress indicator)?

Please help,

Martin


Answer
Watch
Like Be the first to like this
765 views

7 answers

1 accepted

0 votes
Answer accepted
gustavo_refosco
gustavo_refosco
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 13, 2014

Hi Martin,

If you are using a standalone JIRA, you can start it from FishEye. Using JIRA OnDemand requires that you start creating it from JIRA.

I'm sorry for the confusion about "we do recommend OAuth" and "requires OAuth".

In fact, the Development Panel requires OAuth to work, but the "Trusted Applications" option is still there, so you would be free and able to use it instead of OAuth. However, by doing this you wouldn't have the Development Panel. If I'm not mistaken, I think that you would still be able to have the Source and Reviews tab if JIRA FishEye Plugin is enabled, but this is going to be discontinued in the future.

View More Comments
Martin Kautz2
Martin Kautz May 13, 2014

Hi Gustavo,

thanks for clarification. I can drop the "Source" and "Reviews" tabs easily as long as I'd still able to make smart commits to log my time.

Kindest regards,

Martin

Like
Reply
0 votes
gustavo_refosco
gustavo_refosco
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 15, 2014

Tini,

2-LO with impersonation is making the system behave more like Trusted Applications, but still using the OAuth protocol. It allows, for example, James to access Instance A and loads a page that needs data from Instance B, that perhaps he does not have access to, but user account Jeff does have access to. So James loads the page, Instance A collects data from Instance B by posing as user Jeff, and returns all the data to James.

This is not hugely recommended for obvious security implications, but is there as a convenience option for certain setups.

View More Comments
Tini Good
Tini Good
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 15, 2014

So yes. And it appears it is offered to support access to data without access to the integrated application/project space? That seems strange to me, I can't imagine a use case other than as a license cost control method. Happily, I don't need it.

However, I find I can't get full and appropriate data integration access for Plugins between JIRA and FE/Cruc using only OAuth. It breaks the Source tab on JIRA issues (Fisheye Plugin). I've purposefullly delayed upgrading to JIRA 6.2 because of OAuth, hoping to better understand the implications first. Currently, it looks like I will need both Trusted Applications and OAuth methods configured/enabled (which seems to negate the reasoning behind the switch). It would be helpful if documentation better addressed when you need both.

Like
Reply
0 votes
Tini Good
Tini Good
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 14, 2014

Could you please explain why/when 2-legged OAuth would need to allow user impersonation? Wouldn't this over-ride individual user project access permissions to data on the connected server?

Reply
0 votes
gustavo_refosco
gustavo_refosco
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 13, 2014

Hi Martin,

Yes, we do recommend to have the Application Link configured as OAuth in the latest versions of JIRA and FishEye in order to have the integration functionalities properly working. Trusted Applications is a model created by Atlassian to allow the execution of specific functions on behalf of any user. This is different from OAuth, which executes functions on behalf of a resource owner. Please, take a look at the OAuth document as I believe it will be helpful to configure an Application Link with OAuth.

In the latest versions of JIRA and FishEye both Source and Reviews tabs were replaced by the Development Panel, but it works only when using OAuth.

I'd suggest you to give a try deleting the Application Link from both ends (JIRA and FishEye), and try re-creating it using OAuth.

View More Comments
Martin Kautz2
Martin Kautz May 13, 2014

Hello Gustavo and Benito,

at first I just want to thank you for trying to help me out. However, I am somewhat puzzled about the difference between "we do recommend OAuth" and "requires OAuth". :-)

Well, I jut got rid of the connector on both ends. Is it okay to start "re-wiring" them starting from FishEye? Or am I enforced to create the new application link in JIRA?

Regards,
Martin

Like
Reply
0 votes
Benito Picarelli
Benito Picarelli
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 13, 2014

Hello Martin,

As Piotr mentioned in the link you provided, the development panel introduced in Jira 6.2 requires App Links with OAuth and 2-legged authentication enabled.

You can also take a better look at this page introducing the feature:

https://blogs.atlassian.com/2014/03/visualize-development-jira-6-2/

Hope this helps clear up things.

Benito Picarelli


Reply
0 votes
Luciano Fagundes
Luciano Fagundes
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 13, 2014

Martin, is it possible to provide some log entries when trying to synch both apps? Is there any error logged? That will help with the troubleshoot. :)

View More Comments
Martin Kautz2
Martin Kautz May 13, 2014

Hi Luciano,

nothing really suspicious. Log is somewhat polluted by the warning of a pending notification caused by a meanwhile de-installed plugin (Gant-Chart). Do you have a step-by-step manual describing the right wiring for these particular versions? Your documentation system is such a mess and refers always to outdated versions of JIRA.

Like
Reply
0 votes
Andris Grinbergs
Andris Grinbergs
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 13, 2014

Maybe try syncing clock on both servers. It may help.

View More Comments
Martin Kautz2
Martin Kautz May 13, 2014

Hey Andris,

both Fisheye and JIRA are installed on the same server.

Thank you, nevertheless. :-)

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events