BorisBaldassari / Alambic / issues / #143 - Jira using session cookie instead of username password — Bitbucket

Issue #143 wontfix

Gregoire Biette created an issue 2017-12-30

Hello Boris,

I have adapted JiraIts plugin into a new plugin JiraItsSSO. (I wanted it at start to support SSO but our SSO is using MFA...). It still let you pass through SSO (but not permanent).

For this I also adapted a jira perl client you can find here : https://github.com/genehack/jira-rest/blob/master/lib/JIRA/REST.pm I put this in Tools/JiraSSO.pm I don't know if it is the right place.

Please find attached the two files

Comments (7)

Boris Baldassari repo owner
Hi Gregoire,

Thanks for your contribution (again ;-)! The Tools directory should be used for tools that have local actions on the project, like Git to retrieve source code, GrimoireLab, PMD or Findbugs for local analysis. I'll check what the file exactly does and provide some more info about where it should go.

I'll keep you posted here.
- 2018-01-03T11:55:53+00:00
Gregoire Biette reporter
Hello Boris, Yes, I tought it when I saw tools tab in admin module. (Actually I saw you could use Alambic::Tool::R in your Plugin so I saw the opportunity to use my custom library easily the same way !).

Also, with this session cookie thing, my projects will share the same cookie that I will need to change every 3 days. Is it possible to set a this configuration "globally" instead of changing it by project.
- 2018-01-03T15:51:25+00:00
Boris Baldassari repo owner
Hi Gregoire,

I'm not sure to really understand the cookie issue.. In my understanding cookies are valid for the connection only, and there is no guarantee that you can use it across several runs. I might be wrong, though, since I've not checked the code. I will soon.

As for the global parameter, I don't think this can be done with the actual framework. It is something I've thought about for the next major version of Alambic (4.0), but I see no simple workaround to do it now. Maybe by discussing your need we can find a way. :-)

Cheers,
- 2018-01-04T14:59:56+00:00
Gregoire Biette reporter
Hello Boris,

Yes unfortunately the token has to be renewed, but it's the easiest way to pass through Multi Factor SSO. (The idea with a global config is to make a small tools that help to renew this token quite easily).

I would totally understand that this features should not be integrated, since this need is not shared broadly.
- 2018-01-05T15:24:26+00:00
Boris Baldassari repo owner
Hi Grégoire,

Yes, I believe that setup is not typical enough to enter the main branch. OTOH I plan to have a 'install plugin' feature from a dedicated repo or zipped file, which would be a good fit for this kind of custom dev. This won't be before Alambic 4.0, though.

I'll help you improve it but we'll probably keep it in a branch, at least for now. WDYT?
- 2018-01-19T07:32:37+00:00
Boris Baldassari repo owner
Issue ~~#155~~ was marked as a duplicate of this issue.
- 2020-12-09T21:49:35+00:00
Boris Baldassari repo owner
- changed status to wontfix
Projects has been archived.
- 2022-11-27T09:41:44+00:00
Log in to comment

Assignee: –

Type: enhancement

Priority: minor

Status: wontfix

Component: Plugins

Milestone: Alambic 3.3.2

Votes: 0

Watchers: 1

Jira: the preferred issue tracker for Bitbucket. Join the team!