Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is it possible to setup JIRA such that only login requests goes over SSL and rest of the time it remains on http?

Vishal Gautam
Vishal Gautam July 2, 2013

Our JIRA instance is in HQ, for remote offices there is a huge latency issue. We require SSL to prevent sending clear text passwords as JIRA is AD connected. Since SSL is needed only to protect passwords, is it possible to configure JIRA such that only login requests go over SSL and switch to non ssl (http) for rest of the transactions?

Any other tips on making JIRA faster when dealing with latency in remote location would be highly appreicated, e.g., if someone has setup a local instance, a secondary or a readonly node or something.

Answer
Watch
Like Brad Mace [ATS] likes this
324 views

1 answer

1 accepted

0 votes
Answer accepted
Alex Perez
Alex Perez
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 2, 2013

I think that the best option to make all logins by SSL and the rest orf the webapp by http is setting up an Apache HTTP (or nginx/lighttpd) in front.

Configure the HTTP and HTTPS connectors in apache, and connect apache to Tomcat(Jira) via AJP-mod_jk or mod_proxy. Optionally you can disable the HTTP connectors in tomcat to prevent direct access to it.

In apache you can configure that all URLs with pattern */login/* should be redirected to https counterpart. and all urls without this pattern should be redirected to plain http. IMO this configuration is a lot easier in apache than in tomcat.

Other options to apache/mod_jk are apache/mod_rewrite or apache/mod_proxy ...

PS: take a look to "varnish" to setup a node in your local office, pointing to the remote HQ location. It's somewhat like a reverse proxy that may help you ..

HTH

View More Comments
Vishal Gautam
Vishal Gautam July 4, 2013

Thanks Alex, will try this.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events