How to filter users by client IP

Oded Shafran July 2, 2011

Hi

I wanted to expose my JIRA outside.

Problem is, I want to restrict the access to my JIRA only to a certain user.

That is, if accessing the JIRA from IP X only user Y will be able to access.

If accessing from IP Z, only user Q will be able to access.

Thanks

2 answers

2 votes
Nic Brough -Adaptavist-
Community Leader
July 2, 2011

Security by IP address range is never a good idea; it's too easy to spoof IPs and it's unlikely that your user will have a fixed IP address unless they've got a dedicated IP for their organisation. (One of my clients did this recently, and ran straight into a wall when the people they were trying to limit access to turned out to be using a standard ISP, who renewed their IP lease and hence IP address every couple of weeks. Gave access to someone else at the same ISP as well as locking out the real users.)

If you want to restrict by IP though, then you'll either have to code something into Jira's authentication code, or you can configure your webserver to restrict the access. I've seen it done in Apache, and I know it's possible in IIS if you're using that.

Oded Shafran July 3, 2011

I am using the standalone using Tomcat...

I want to be able to allow access only to one user when it's accessing via a specific IP.

How can the webserver communicate with the JIRA application?

1 vote
Andy Brook [Plugin People]
Rising Star
July 3, 2011

Depending on the number of users involved, restricting access to a nominated user group is best done with a Client Certificate; irrespective of ISP and/or location, a certificate identifies a user. However, such a service comes with an admin overhead: you have to manage the revocation of certificates for users that move on, etc.

More info on Client Certs with Apache - http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html#accesscontrol
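
An added example, not part of either answer and not taken from Apache's or Atlassian's documentation: one way to combine the two suggestions above at an Apache reverse proxy in front of the standalone Tomcat, written in Apache 2.4 syntax (the linked how-to covers 2.0). The hostname, file paths, IP addresses, certificate common names and the Tomcat port 8080 are assumptions chosen for illustration.

```apache
# Assumes mod_ssl, mod_proxy, mod_proxy_http and mod_authz_core are loaded.
<VirtualHost *:443>
    ServerName jira.example.com                      # assumed hostname

    SSLEngine on
    SSLCertificateFile    /etc/ssl/jira/server.crt   # assumed paths
    SSLCertificateKeyFile /etc/ssl/jira/server.key

    # Every client must present a certificate issued by this private CA.
    SSLCACertificateFile  /etc/ssl/jira/client-ca.crt
    SSLVerifyClient       require
    SSLVerifyDepth        1

    # Revocation is the admin overhead mentioned in the answer: keep this
    # CRL current so certificates of departed users stop working.
    SSLCARevocationFile   /etc/ssl/jira/client-ca.crl
    SSLCARevocationCheck  chain

    <Location "/">
        # A request passes only if BOTH the source address and the
        # certificate subject match one of the pairs below.
        <RequireAny>
            <RequireAll>
                Require ip 203.0.113.10              # "IP X" (documentation range)
                Require expr "%{SSL_CLIENT_S_DN_CN} == 'user-y'"
            </RequireAll>
            <RequireAll>
                Require ip 198.51.100.20             # "IP Z" (documentation range)
                Require expr "%{SSL_CLIENT_S_DN_CN} == 'user-q'"
            </RequireAll>
        </RequireAny>
    </Location>

    # The web server talks to JIRA by proxying to Tomcat's HTTP connector.
    ProxyPass        / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>
```

This controls which certificate may connect from which address; the JIRA login itself still happens in the application. Tomcat should listen only on the loopback interface so the proxy cannot be bypassed.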
