Post a Comment If you will ask a question, please don't comment here. For your questions, please create an issue into my forum. I will support you from there. This post is not directly related with Oracle products. It is actually not so so related with JIRA, as well. My main focus is to give a recall to one of the web tier components, that we use in some of our advanced EBS configurations like offloading SSL works to Web Servers or enhancing the security of our environment by putting an extra layer in front of our application server, which is supposed to be open to the internet.

The Forward Proxy is the the default Proxy that we use in our daily lives with the Proxy term. Reverse Proxy is something else. Altough reverse proxy is not the direct opposite of forward proxy, they are very different. That is, reverse proxy is for servers, and the forward proxy is for clients.

Securing Stash behind HAProxy using SSL

I will not go very deep in that, but let's say, in forward proxy, the servers that are reached through the proxy, do not know the clients, but in reverse proxy, clients do not know the backend servers. So in other words; in forward proxy, the clients want to go to the servers like google. So, you will not see any change in your browser's address bar, as you will think that you are talking with my Apache Server. This reverse proxy component can be widely used in the Enterprises.

It is used for securityit is used for adding an intermediate levels, it is used for SSL offloading and so on. Below, you will find how we used a reverse proxy to open a JIRA system to internet.

In this scenario, we will use nginx reverse proxy for redirecting the https traffic to http. The clients will come to the reverse proxy with an internet dns name using https and we will pipe them transparently to our tomcat web server JIRA using http, which is running inside our network. So the connection between the clients and our reverse proxy server will be https. Also from client's perspective, the connection from our clients to jira will be https as well.By using our site, you acknowledge that you have read and understand our Cookie PolicyPrivacy Policyand our Terms of Service.

The dark mode beta is finally here. Change your preferences any time. Stack Overflow for Teams is a private, secure spot for you and your coworkers to find and share information. Goal: I want to get automatically logged in into Jira if I'm logged in into Webseal reverse proxy. Both systems authenticate user and send the user name in an HTTP header. The name of HTTP header can be configured.

Also, they can send additional user properties, like the user email in the additional HTTP headers. Learn more. Jira 5. Asked 6 years, 11 months ago. Active 6 years, 4 months ago. Viewed 5k times. Each example uses an old version of atlassian-seraph Jira 5. Background: Jira is behind a reverse proxy see picture. This proxy authentificatates the user and holds the session. Tobias Sarnow.

Tobias Sarnow Tobias Sarnow 10 10 silver badges 38 38 bronze badges. Active Oldest Votes. Tobias: Your answer involving CustomFilter was very helpful I'm curious, are you using this generically, in order to automatically grab the user from the HTTP request, or are you using Crowd across the board for SSO? I am not using Crowd, but would love to be able to pull the user in that way if possible, as it is so convenient. I don't use any additional Crowd service just the api that already exists, because creating your own Principal can be really tough.

I'm curios if I understand your question?! You definitely can solve it in Jira. It assumes that the header name is uid You need to configure the header uid in WebSeal or try to obtain sources and make the header name configurable.By using our site, you acknowledge that you have read and understand our Cookie PolicyPrivacy Policyand our Terms of Service.

The dark mode beta is finally here. Change your preferences any time. Stack Overflow for Teams is a private, secure spot for you and your coworkers to find and share information. I cannot login for the first time with an existing Administartor Account. If I login on jira without the apache proxy which suceed and then on the apache proxied "version" of jira it works. This is very confusing. I used with success: RewriteRule. This is a working and Nessus scanned config. Also, Certbot. Learn more.

Accessing Jira through Apache reverse proxy Ask Question. Asked 3 years, 1 month ago. Active 1 year, 1 month ago.

Viewed times. I have set up Jira Core 7. I use following Settings for the Apache httpd. Snickbrack Snickbrack 1 1 gold badge 11 11 silver badges 35 35 bronze badges. Active Oldest Votes. Your rewrite rule doesn't pass the whole original URL. Leave everything else default. Sign up or log in Sign up using Google. Sign up using Facebook. Sign up using Email and Password. Post as a guest Name. Email Required, but never shown. The Overflow Blog. Socializing with co-workers while social distancing.

Podcast Programming tutorials can be a real drag. Featured on Meta. Community and Moderator guidelines for escalating issues via new response…. Feedback on Q2 Community Roadmap. Triage needs to be fixed urgently, and users need to be notified upon…. Dark Mode Beta - help us root out low-contrast and un-converted bits. Technical site integration observational experiment live on Stack Overflow.

Related Hot Network Questions. Question feed. Stack Overflow works best with JavaScript enabled.Everyone knows the Problem. In my case, running Haproxy in Transparent mode wasnt a good solution for me, since my setup of Jira and Confluence running on same machine an they both talk to each other via Oauth using their offloaded SSL URL. The Haproxy part First of all, we make sure that Haproxy forwards the x-forwarded-for header correctly by checking our haproxy.

And add following snippet after that entry and dont forget to replace the internalProxies so it fits your setup:. Tags: forwardfor haproxy RemoteIpValve tomcat x-forwarded-for. October 21, February 4, September 5, Your email address will not be published. This site uses Akismet to reduce spam. Learn how your comment data is processed. Fix yosemite rtc alarm wakeup issue. Install Mountain Lion WordPress Bad value category tag for attribute rel on element a.

Rate this item: 1.

Get Real IP with Haproxy Tomcat Jira Confluence using x-forwarded-for

Please wait Leave a Reply Cancel reply Your email address will not be published. How-To Install Mountain Lion You have to restart the gluster daemon reboot glusterfs servers that Thanks for the post, Jules. I have the same problem withJoin the community to find out what other Atlassian users are discussing, debating and creating.

I've got a clean JIRA 7. It uses the default port for http requests, and I've also enabled an SSL certificate to enable https requests on port This would be easier if you used apache. But I found this doc for Bitbucket which you could adapt for Jira. All you need for a proxy other than defaults are:. Then in HAproxy or in my case apache would be the one to redirect 80 to You must be a registered user to add a comment.

jira haproxy reverse proxy

If you've already registered, sign in. Otherwise, register and sign in. So as long as my front end proxy is listening on for https and forwarding to the backend which is using for http, port 80, I only have to worry about:. This effectively terminates the SSL at the proxy, which is much more efficient than doing that at tomcat jira.

Communication between the proxy and Jira is http and the end user never hits Jira directly, always through the proxy. It uses the SSL key and certificate found within corp.

It will only allow concurrent connections to the server at once. Is there a way to set an auto-redirect in the proxy so that http requests to myjira. I'm assuming there is, I just don't know the syntax. We just installed jira in linux. You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events. Atlassian Community logo Explore. Create Ask the community.By using our site, you acknowledge that you have read and understand our Cookie PolicyPrivacy Policyand our Terms of Service.

The dark mode beta is finally here. Change your preferences any time. Stack Overflow for Teams is a private, secure spot for you and your coworkers to find and share information. I cannot login for the first time with an existing Administartor Account.

If I login on jira without the apache proxy which suceed and then on the apache proxied "version" of jira it works. This is very confusing. I used with success: RewriteRule. This is a working and Nessus scanned config. Also, Certbot. Learn more. Accessing Jira through Apache reverse proxy Ask Question. Asked 3 years, 1 month ago.

Active 1 year, 1 month ago. Viewed times. I have set up Jira Core 7. I use following Settings for the Apache httpd. Snickbrack Snickbrack 1 1 gold badge 11 11 silver badges 35 35 bronze badges. Active Oldest Votes. Your rewrite rule doesn't pass the whole original URL. Leave everything else default.

jira haproxy reverse proxy

Sign up or log in Sign up using Google. Sign up using Facebook. Sign up using Email and Password.By using our site, you acknowledge that you have read and understand our Cookie PolicyPrivacy Policyand our Terms of Service. Server Fault is a question and answer site for system and network administrators. It only takes a minute to sign up. However, I cannot get the Apache reverse proxy to work, for reasons that elude me despite considerable reading.

I'm running Apache2. The default site works fine; my site configuration is just a modified version of that. When I hit the site in a browser, I get a Not Found with the following standard text:. So I can access the site just fine at ourcomain.

Possibly that last line indicates the issue - should it be listening on port instead, and accordingly should I be changing the vhost entry above? Clearly I have something wrong, but I'm not seeing it; my configuration appears to match that specified by the directions on the JIRA wiki precisely. Some help would be much appreciated. I've walked through several other answers here, and had no luck with those, either. You have a ServerName ourdomain. The default one takes precedence because it's alphabetically first; your jira config is not being used.

jira haproxy reverse proxy

Change the ServerName ourdomain. Sign up to join this community. The best answers are voted up and rise to the top. Home Questions Tags Users Unanswered. Asked 7 years, 2 months ago. Active 7 years, 2 months ago.

Quick and easy secured reverse-proxy endpoints via HAProxy + ACME on your pfSense machine

Viewed 3k times. Chris Krycho. Chris Krycho Chris Krycho 1 1 silver badge 7 7 bronze badges. Can you expand on how it's not working? What happens when you try to access it with a browser? ShaneMadden, thanks for the suggestion, I've added some detail above.