well, I would use e.g. Apache as a fronting web server. Then you could configure rules on Apache or even network interfaces (firewall) levels which allow only given IPs (that's the admin computers) to access it.
You could also have JIRA exposed on a few interfaces (Tomcat connectors) and make one known (and even physically accessible with network rules) just to admins.
With Apache you could probably easily configure an additional password protection for whole realm which only when given would let in traffic to fronted JIRA instance.
Finally you could termporarily deprive jira-users from logging in to JIRA by modyfing Global Permissions ("JIRA Users"). But then rememember to leave to yourself such rights. That would not prevent anonymous access though.
Thank you. I choose to follow your last suggestion, as it is the easiest to implement quickly.
For others needing a quick guide to this, go to "Administration > Users > Global Permissions", to the line "JIRA Users", and [Delete] all groups (first making a note of them all, so as to restore the permission after the maintenance is completed).
Any users or groups with the "JIRA System Administrators" and/or "JIRA Administrators" permission (on this same page) will still be able to login. I am assuming that I will coordinate the maintenance period with any other users in these groups to avoid any conflicts.
After maintenance is completed, [Add] the Permission "JIRA Users" to the groups you noted earlier.
ciao - John.
Thanks to all -
JIRA is used internally, and I can shut it down without impacting users too much (I just need to time it correctly)
This is off topic, but just to clarify my situation:
I'm going through all this because we are changing all usernames from one LDAP domain to another, and each user is changing credentials from "personnel-number" to "firstname-lastname", and there is no supported JIRA method to change usernames (IDs). So I will backup to XML, edit the XML, and restore the data.
This is primarily due to JIRA not conforming to normalized relational database. JIRA is not using the primary key [ID] of the Users table as foreign key into other tables, but using the [username], thus making it incredibly difficult to change the username without having to change umpteen other links. What happens when someone gets married and changes their name?
If I do need to do this in the future, however, I will definitely look into "port change and pacifier page".
Thanks again for all your feedback.
ciao - John
Here's a country simple recipe from out in Oklahoma for maintenance:
I do it this way because of multiple, overlapping goals of "fall back" and "might be extended maintenance", etc. Also, in the Apache example (Confluence/JIRA running on non-80 port) where the Apache is proxying, just shutdown the Apache. :) G.
Hey admins! I’m Dave, Principal Product Manager here at Atlassian working on our cloud platform and security products. Cloud security is a moving target. As you adopt more products, employees consta...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs