Our JIRA instance is in HQ, for remote offices there is a huge latency issue. We require SSL to prevent sending clear text passwords as JIRA is AD connected. Since SSL is needed only to protect passwords, is it possible to configure JIRA such that only login requests go over SSL and switch to non ssl (http) for rest of the transactions?
Any other tips on making JIRA faster when dealing with latency in remote location would be highly appreicated, e.g., if someone has setup a local instance, a secondary or a readonly node or something.
I think that the best option to make all logins by SSL and the rest orf the webapp by http is setting up an Apache HTTP (or nginx/lighttpd) in front.
Configure the HTTP and HTTPS connectors in apache, and connect apache to Tomcat(Jira) via AJP-mod_jk or mod_proxy. Optionally you can disable the HTTP connectors in tomcat to prevent direct access to it.
In apache you can configure that all URLs with pattern */login/* should be redirected to https counterpart. and all urls without this pattern should be redirected to plain http. IMO this configuration is a lot easier in apache than in tomcat.
Other options to apache/mod_jk are apache/mod_rewrite or apache/mod_proxy ...
PS: take a look to "varnish" to setup a node in your local office, pointing to the remote HQ location. It's somewhat like a reverse proxy that may help you ..
Hey admins! I’m Dave, Principal Product Manager here at Atlassian working on our cloud platform and security products. Cloud security is a moving target. As you adopt more products, employees consta...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs