Our JIRA instance is in HQ, for remote offices there is a huge latency issue. We require SSL to prevent sending clear text passwords as JIRA is AD connected. Since SSL is needed only to protect passwords, is it possible to configure JIRA such that only login requests go over SSL and switch to non ssl (http) for rest of the transactions?
Any other tips on making JIRA faster when dealing with latency in remote location would be highly appreicated, e.g., if someone has setup a local instance, a secondary or a readonly node or something.
I think that the best option to make all logins by SSL and the rest orf the webapp by http is setting up an Apache HTTP (or nginx/lighttpd) in front.
Configure the HTTP and HTTPS connectors in apache, and connect apache to Tomcat(Jira) via AJP-mod_jk or mod_proxy. Optionally you can disable the HTTP connectors in tomcat to prevent direct access to it.
In apache you can configure that all URLs with pattern */login/* should be redirected to https counterpart. and all urls without this pattern should be redirected to plain http. IMO this configuration is a lot easier in apache than in tomcat.
Other options to apache/mod_jk are apache/mod_rewrite or apache/mod_proxy ...
PS: take a look to "varnish" to setup a node in your local office, pointing to the remote HQ location. It's somewhat like a reverse proxy that may help you ..
HTH
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.