Disable profile access to users

We have integrated our login to a single signon system that connects to AD/LDAP. We would like to disable the profile link on the top right as it is throwing some errors. Is there any setting in administrator that can be used to disable this access? We want to disable 1) cause it throws errors 2) Cause it displays information about the groups the user is associated to.

5 answers

1 accepted

1 vote
Accepted answer

If you need to completely hide the profile details, stuff this into the Accouncement Banner

<script type='text/javascript'>
AJS.$(document).ready(function() {
    var profile = AJS.$("#details-profile-fragment");
    if(profile) {
        AJS.$("#details-profile-fragment").hide();
        AJS.$("#preferences-profile-fragment").hide();
        AJS.$("#activity-profile-fragment").hide();
    }
});
</script>

I had to make a small variation for my implementation. I did the below

<script type='text/javascript'>
AJS.$(document).ready(function() {
var profile = AJS.$("#header-details-user");
if(profile) {
AJS.$("#header-details-user").hide();
}
});
</script>

How awesome!! thanks so mcuh for the quick reply. That is the best solution :).

You are welcome, you can accept the answer too :)

Hi Uday

You may restrict this option enabling the External user management option. For further details about this, please use the following link:

For further asistance, I'd suggest you to raise a new ticket at https://support.atlassian.com

JIRA advanced options > https://confluence.atlassian.com/display/JIRA/Configuring+JIRA+Options#ConfiguringJIRAOptions-Options

Cheers,

Paulo Renato

Thanks very much Paulo. I did enable External user management but i could not see the option but i will try again. Appreciate the quick response :). I would be happy to open a ticket but we dont have extended support as we did not renew that contract. Below is a small snipper of the big error message some of my users are getting

An error occurred whilst rendering this message. Please contact the administrators, and inform them of this bug. Details: ------- org.apache.velocity.exception.MethodInvocationException: Invocation of method 'getFragmentHtml' in class com.atlassian.jira.user.profile.ActivityUserProfileFragment threw exception class com.atlassian.gadgets.GadgetParsingException : org.apache.shindig.gadgets.GadgetException: Unable to retrieve gadget xml. HTTP error 500 at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:251) at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:175) at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:220) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:55) at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:70) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:230) at org.apache.velocity.Template.merge(Template.java:256) at org.apache.velocity.app.VelocityEngine.mergeTemplate(VelocityEngine.java:422) at com.atlassian.velocity.DefaultVelocityManager.getEncodedBody(DefaultVelocityManager.java:77) at com.atlassian.velocity.DefaultVelocityManager.getEncodedBody(DefaultVelocityManager.java:61) at com.atlassian.velocity.DefaultVelocityManager.getEncodedBody(DefaultVelocityManager.java:56) at com.atlassian.jira.plugin.JiraResourcedModuleDescriptor.getHtml(JiraResourcedModuleDescriptor.java:109)

Hi Uday,

Looking at the concerned error:
- org.apache.shindig.gadgets.GadgetException: Unable to retrieve gadget xml. HTTP error 500

It looks like JIRA failed to load the gadget.xml file, hence the error is thrown when you accessed user profiles. In order to try to fix this issue, can you kindly try the following and see if it helps:
- Shut down JIRA
- Go to $JIRA_HOME/plugins directory, and remove the .osgi-plugins and .bundled-plugins directory
- Restart JIRA, and the removed files will be recompiled again

After restarting JIRA, can you kindly try to access user profiles again and see if the problem is still reproducible?

If the problem still persists, perhaps you may try to go through the following KB article, which perhaps may help us:
-https://confluence.atlassian.com/display/JIRAKB/Gadgets+do+not+Display+when+Failing+to+Access+XML+Specification

Hope the info helps!

Hi Ahmad Faisal,

Thank you for your response and detailed guidance. I tried to access look at the plugins folder but found only one folder called "installed plugins" that does not contain what you mentioned. Just incase i missed this detail earlier, the profile is accessible by admins and developers but not by general users. Not sure if there is some permission that may be missing?

Thanks in advance for the help.

The directories mentioned by Ahmed as hidden as you can see that they start with a dot. Do an ls -a and you can see them.

In addition what are the application links configured in the instance. Can you confirm that they are active and are able to retrieve data from the URLs configured there?

Hi Renjith,

Thanks for the help. Here is how our system is setup.

1) LDAP Authentication with External Authentication system turned to off

2) Default membership of users to jira-users

3) We have a single signon in front of this setup to let users come in directly but brings the ldap user credentials

What i noticed was that though default membership is set to jira-users, the users are not being added to that user group. Only when we add that is that error getting resolved. If the users i not part of jira-users the error is thrown.

1. LDAP Authenticaton means, is it a Delegated Authentication as described here?

https://confluence.atlassian.com/display/JIRA/Connecting+to+an+Internal+Directory+with+LDAP+Authentication

2. When u say Single Sign On, I assume the user still login to JIRA, but uses the LDAP credentials, is that right?

Yes they use LDAP but what we do it that using Tomcat's config we pick the remote user information and pass that along without forcing the user to login. Single signon is a weblogin that captures the ldap information and stores the remote user information. We use something called pubcookie.

I got the same results than Renjith with this code in the announcement banner:

&lt;style type="text/css"&gt;
#details-profile-fragment {
display: none;
}
&lt;/style&gt;

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 27, 2018 in Portfolio for Jira

Introducing a new planning experience in Portfolio for Jira (Server/DC)

In the past, Portfolio for Jira required a high degree of detail–foresight that was unrealistic for many businesses to   have–in   order to produce a reliable long-term roadmap. We're tur...

2,946 views 19 22
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you