Disable Local Login (Admin & Users) for Hipchat Server / Hipchat Data Center

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Requirement

  • Hipchat Server / Data Center is configured to use a SAML identity provider such as Okta or OneLogin
  • Company policy is that the local login page must not be visible to anyone, including admins and normal users
  • The goal of this KB is to disable any possible access to the local login page through backend changes

Workaround

These changes are not officially supported by the Atlassian Support team. So, please proceed with caution!


  1. Obtain root access

    sudo dont-blame-hipchat
  2. Make a copy of the routes.php file:

    cp /hipchat-scm/web/application/config/routes.php /hipchat-scm/web/application/config/routes.php.bak
  3. Using your preferred screen-oriented text editor, edit the /hipchat-scm/web/application/config/routes.php file. For example:

    nano /hipchat-scm/web/application/config/routes.php
  4. Comment out the login_password and login_admin code section as per the following:

    // account
    $config['new_password/(\d+)/(.*)'] = 'users/new_password/$1/$2';
    $config['new_password/(.*)'] = 'users/new_password_legacy';
    $config['forgot_password'] = 'users/reset_password';
    $config['switch_account'] = 'users/switch_account';
    $config['sign_in'] = 'users/sign_in';
    $config['login'] = 'users/login';
    // $config['login_password'] = 'users/login_password';
    $config['login_select_auth'] = 'users/login_select_auth';
    $config['login_group'] = 'users/login_group';
    // $config['login_admin'] = 'users/login_admin';
    $config['login_admin_password'] = 'users/login_admin_password';
    $config['sign_out'] = 'users/sign_out';
  5. Save the file and verify that the pages are no longer accessible.

  6. Additionally, you can alter the Admin login link in /hipchat-scm/web/application/views/users/_below_signin.php. Make a copy of the file first:

    cp /hipchat-scm/web/application/views/users/_below_signin.php /hipchat-scm/web/application/views/users/_below_signin.php.bak

     The link is rendered by the following section:

    <?php if (isset($password_allowed) && !$password_allowed): ?>
        <a href="/login_admin<?= $link_params ?>" id="admin-login">Admin login</a>
    <?php endif ?>

    You can either remove the line completely or change the href to a different context path so that the user is redirected to a different location.
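For the verification in step 5, the edited file itself can be checked as well. The script below is an added example, not Atlassian's code: it reports whether the `login_password` or `login_admin` route is still assigned on an uncommented line. The function names and the `ROUTES_FILE` variable are hypothetical, and it assumes routes are disabled with `//` or `#` line comments as in step 4.

```shell
#!/bin/sh
# Added example: list local-login routes still active in routes.php.

# Exit 0 if $config['KEY'] is assigned on a line that is not commented out.
# KEY is matched exactly: 'login_admin' must not match 'login_admin_password'.
route_active() {
    grep -Eq "^[[:space:]]*\\\$config\\['$2'\\][[:space:]]*=" "$1"
}

# Print each of the two routes disabled in step 4 that is still active in FILE.
active_local_routes() {
    for key in login_password login_admin; do
        if route_active "$1" "$key"; then printf '%s\n' "$key"; fi
    done
}

# Constructed sample: login_password commented out, login_admin still active
# (indented), and the login_admin_password route that step 4 leaves in place.
write_sample() {
    cat > "$1" <<'EOF'
$config['login'] = 'users/login';
// $config['login_password'] = 'users/login_password';
    $config['login_admin'] = 'users/login_admin';
$config['login_admin_password'] = 'users/login_admin_password';
EOF
}

# Check a real file when ROUTES_FILE (hypothetical variable) is set, e.g.
# ROUTES_FILE=/hipchat-scm/web/application/config/routes.php sh check.sh
if [ -n "${ROUTES_FILE:-}" ]; then
    left=$(active_local_routes "$ROUTES_FILE")
    if [ -n "$left" ]; then
        echo "still active in $ROUTES_FILE:"
        echo "$left"
        exit 1
    fi
    echo "login_password and login_admin are disabled in $ROUTES_FILE"
fi
```

Running `diff` between routes.php.bak and routes.php afterwards confirms that only the two intended lines changed.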


Last modified on Nov 2, 2018
