Black-/Whitelist user logins based on source ip


I would like to be able to black-/whitelist users based on there source ip address. I‘m currently working on implementing additional security for a clean room environment and would like to be able to accept only certain user accounts to login from within that clean room.

I did not find any way to achieve this with the native Jira functionality. So my last idea was, to implement my own plugin and intercepting the login procedure and check the user that wants to login and his source ip address against an internal black-/whitelist.

Unfortunately I‘m now struggling with two major problems:

  1. How to register to get and participate in logon events? In addition to the normal Jira login, we are using a MFA plugin already. And I would like to be part of that „logon chain“.
  2. How to logout (or deny login) if needed?

Hope someone can help me, figuring out, how to solve that…