How do you secure application links if you try to bypass a proxy?

Following https://confluence.atlassian.com/display/KB/How+to+bypass+a+reverse+proxy+or+SSL+in+Application+Links, it seems the approach, creating a new connector for just application links is not secure; people could make requests against that port.

What is the recommendation for securing the new connector and only assure it will be used for application links, perhaps only from specified soures?  Would it be to configured it to use SSL?  Configure it to use a special truststore?  And what would need to done to the 'other' application to assure the security of the transport layer?

Thank you.

1 answer

0 votes

Hi Wayne, 

When working with Application Links, it may be necessary to bypass any existing reverse proxy or SSL configuration, without disrupting normal usage for your instances. You may also wish to use this process to bypass a proxy during the troubleshooting process.

Since SSL is used to cryptograph a connection, we encourage the users to use that always as they can. The documentation you've mentioned as you can see mention that you should use HTTP for tests purposes or in case you are facing some specific issue related to SSL and Application Links. 

 

You can force JIRA to only accept HTTPS connections. Please check this link on step 5:

https://confluence.atlassian.com/jira/running-jira-over-ssl-or-https-124008.html#RunningJIRAoverSSLorHTTPS-Advancedconfiguration

 

Cheers, 

Renato Rudnicki

Yes, but how do you assure that the second connector will ONLY be used for application links? How do you prevent users from using that connector?

Well, actually you cannot. But here a workaround that could work: Add a firewall rule allowing only the communication on HTTP protocol only among the applications address which are using the application links. Not sure if this will work, but definitely isn't elegant.

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

3,011 views 12 18
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot