_configureTrustedAppsIncoming

  1. Log in as a system administrator and go to the administration page. Click Application Links in the administration menu. You'll see a list of the application links that have already been set up.
  2. Click Configure for the application link for which you want to configure Trusted Applications authentication.
  3. Click the Incoming Authentication tab (the Trusted Applications tab will be displayed).
  4. Use the Modify or Configure buttons to configure Trusted Applications:

    IP Patterns

    IP addresses (IPv4 only) from which the local application will accept requests. Use commas or spaces to separate m

    Specify wildcard matches using an asterisk (*), e.g. 192.111.*.* (but you can't use netmasks to specify network ranges).


    Warning: If you are setting up Trusted Applications between two applications that both have the Application Links plugin installed, you can leave this field blank (or explicitly use *.*.*.*).

    However, if your remote application does not have the Application Links plugin installed and you are configuring the IP Patterns in the remote application (not the Application Links plugin), you must not leave this field blank nor use *.*.*.*. Failure to configure IP address restrictions in this scenario is a security vulnerability, allowing an unknown site to log into your site under a user's login ID.


    Consider the following scenarios, if you want to limit access by using this field:

    • If the remote application is using a proxy server, you need to add the proxy server's IP address to this field.
    • If the remote application is a clustered instance of Confluence, you need to accept requests from each cluster node, otherwise Confluence users may not be able to view any data from your application. Either specify the IP address for each node of the cluster (e.g. 172.16.0.10, 172.16.0.11, 172.16.0.12), or specify the IP address for your clustered Confluence instance using wildcards (e.g. 172.16.0.*).

    URL Patterns

    Enter the local application URLs that the remote application will be allowed to access – each URL corresponds to a particular application function.

    Enter one URL per line, as follows:

    Jira

    /plugins/servlet/streams

    /sr/jira.issueviews:searchrequest

    /secure/RunPortlet

    /rest

    /rpc/soap

    Confluence

    /plugins/servlet/streams

    /plugins/servlet/applinks/whoami

    /rpc/xmlrpc

    Certificate Timeout (ms)

    Enter a certificate timeout value. The default is 10 seconds – you should not have to change this for most application links.

    The certificate timeout helps to prevent replay attacks. For example, if a Trusted Applications request is intercepted and (maliciously) re-sent more than the certificate timeout period after the initial request, it will be rejected. Note that the certificate timeout relies on the clocks on both servers being synchronized.

  5. Click Apply.
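
The IP Patterns rules from step 4 can be checked before a value is pasted into the field. The following is an added example, not Atlassian's code: it validates a field value (IPv4 only, comma or space separated, * wildcards, no netmasks), flags a blank or *.*.*.* value as unrestricted, and lists required sources such as proxy or cluster node addresses that no pattern covers. Per-octet wildcard matching, the function names and the sample addresses are assumptions.

```python
import re

# One IPv4 octet (0-255, no leading zeros) or a * wildcard for that octet.
OCTET = r"(?:\*|25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)"
PATTERN_RE = re.compile(rf"^{OCTET}(?:\.{OCTET}){{3}}$")

def parse_ip_patterns(field):
    """Split the field on commas/spaces; return (valid patterns, problems)."""
    patterns, problems = [], []
    for token in re.split(r"[,\s]+", field.strip()):
        if not token:
            continue
        if "/" in token:
            problems.append(f"{token}: netmasks are not supported, use * wildcards")
        elif not PATTERN_RE.match(token):
            problems.append(f"{token}: not an IPv4 address or wildcard pattern")
        else:
            patterns.append(token)
    return patterns, problems

def matches(pattern, ip):
    """Assumed semantics: each * matches exactly one whole octet."""
    return all(p == "*" or p == o
               for p, o in zip(pattern.split("."), ip.split(".")))

def audit(field, required_ips):
    """Report syntax problems, an unrestricted field, and uncovered sources."""
    patterns, problems = parse_ip_patterns(field)
    # Blank or *.*.*.* places no restriction on where requests come from.
    unrestricted = not field.strip() or "*.*.*.*" in patterns
    uncovered = [] if unrestricted else [
        ip for ip in required_ips
        if not any(matches(p, ip) for p in patterns)]
    return {"problems": problems, "unrestricted": unrestricted,
            "uncovered": uncovered}

if __name__ == "__main__":
    # Constructed sample: three cluster nodes, one missing, one netmask entry.
    nodes = ["172.16.0.10", "172.16.0.11", "172.16.0.12"]
    print(audit("172.16.0.10, 172.16.0.11 10.0.0.0/24", nodes))
    print(audit("172.16.0.*", nodes))
```
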

 

 

Last modified on Sep 13, 2017
