SSO Enabled JIRA attach screenshot no longer working...

Not sure if anyone else has run into this...but I have enabled SSO via SPNEGO/custom authenticator and it turns out the attach screenshot is causing the client side JRE to prompt for username/pass. If you dismiss the popup it just dumps you back to the issue and this shows in Tomcat logs...

Nov 19, 2012 5:00:56 PM net.sourceforge.spnego.SpnegoAuthenticator doBasicAuth
INFO: Username is required.: Login failed. username=; password.hashCode()=0

Any thoughts on how to get around this from others that might have SSO enabled with this method? Can't figure out if I need to focus on the client side or server side...the directory where the attachments are stored has write privs for all JIRA users, there seem to (so far) be no other issues with being prompted once inside the app.

3 answers

0 votes
Yilin Mo Atlassian Team Nov 19, 2012

I think the problem is that your SSO system is filtering the session ID including in the HTTP header, which makes that JIRA consider the user is not authenticated. Suggest to take a have look in your SSO setting whether it is possible to forward the session ID in the HTTP request.

After making a few attempts at including session IDs in the HTTP header with no luck, coming close to being out of ideas. Seems the server side filter is including all .jsp/jspa which should cover this applet, yet it still does not work. Any chance there is a client side fix for this...whether in the browser OR java run time? Thanks in advance...

Apologies, I am not sure what the exact problem is with the specific authenticator you are using. If by any change what you are trying to achieve is an auto-logon from Windows workstations using credentials of the user who is logged into domain you may want to look at our NTLM Authenticator for Jira and Confluence based on IOPlex Jespa which we distributed since 2008 for a very reasonable price of NZ$150 (+ Jespa license fees).

The reason I am metioning it here: 1) the trial is free 2) we haven't had any reports from the customers regarding issues with the attached files. Having said that if you do try and in your specific case there is a problem - I want to hear about it to improve our authenticator. While doing that we maybe able to suggest a solution for your original problem.

At this point we have everything working BUT the attach screenshot applet, so I would prefer to try and find a fix. Seems to me that SPNEGO with Tomcat is well known enough that someone here must be using it with success. Thank you for you input.

We have the same problem, but with CAS as a SSO. I'll let you know when I get to the issue.

Thank you...would be great to get feedback from others with the same issue. Seems our usergroup is OK with simply entering their credentials for this piece but I would LOVE to see it resolved :)

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 27, 2018 in Portfolio for Jira

Introducing a new planning experience in Portfolio for Jira (Server/DC)

In the past, Portfolio for Jira required a high degree of detail–foresight that was unrealistic for many businesses to   have–in   order to produce a reliable long-term roadmap. We're tur...

2,516 views 15 20
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you