@Path("importer")
//@AnonymousAllowed
//@ResourceFilters(ZFJApiFilter.class)
@UnrestrictedAccess
@ZSFilterNameBinding
public class IssueImporterResource {
@Inject
public IssueImporterResource(JiraAuthenticationContext authContext, IssueImporterResourceDelegate issueImportResourceDelegate
I have above annotations on my class and in atlassian-plugin.xml
following is the change
<component key="issueImporterService" name="Issue Importer Service"
class="com.thed.zephyr.je.service.impl.IssueImporterServiceImpl"/>
The above one was working for Jira 9, but for Jira 10 it’s giving 403 not found error.
Can anyone please help me with this. If any other detail u want, please reply on thread will give that detail as well
1 Like
Hello Fabien,
I have followed the page, but still I am getting 403 error.
package com.thed.zephyr.je.rest;
@Api(value = "TestCase File Import Resource API(s)", description = "Following section describes the rest resources pertaining to IssueImporterResouece")
@Path("importer")
//@AnonymousAllowed
//@ResourceFilters(ZFJApiFilter.class)
@UnrestrictedAccess
@ZSFilterNameBinding
@UnlicensedSiteAccess
public class IssueImporterResource {
In above i have added @UnlicensedSiteAccess also.
along with that
i have added in atlassian-plugin.xml
<servlet name="Import EXCEL" key="IssueImporterResource"
class="com.thed.zephyr.je.rest.filter.ZSFilterNameBinding">
<description>Import File Attachment</description>
<url-pattern>/importer/fieldMapping</url-pattern>
</servlet>
I am still getting 403 error with XSRF check failed.
CAn you please help?
Hi @RaghunandanTata
It’s an XSRF check failed.
You shoul try something like this.
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@XsrfProtectionExcluded
public class ExampleServlet extends HttpServlet {
@PermittedMethods({HttpMethod.GET, HttpMethod.POST})
protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
// Handle GET request
}
@PermittedMethods({HttpMethod.POST})
protected void doPost(HttpServletRequest req, HttpServletResponse resp) {
// Handle POST request
}
}
@XsrfProtectionExcluded might be used in API endpoints that are called with client-side JavaScript where XSRF tokens cannot be easily included, or in endpoints that are designed to be called from non-browser clients.
@PermittedMethods ensures that each endpoint only receives the type of request it is designed to handle, which is crucial for maintaining the application’s integrity and security.
Ensure you use these annotations with expertise to avoid any security vulnerabilities.
Fabien
Hey Fabien,
I tried above, but i guess some problem in importing @XsrfProtectionExcluded.
I have written below line
import com.atlassian.annotations.security.XsrfProtectionExcluded;
//and main code is like this
@Api(value = "TestCase File Import Resource API(s)", description = "Following section describes the rest resources pertaining to IssueImporterResouece")
@Path("importer")
//@AnonymousAllowed
//@ResourceFilters(ZFJApiFilter.class)
@UnrestrictedAccess
@ZSFilterNameBinding
@UnlicensedSiteAccess
@XsrfProtectionExcluded
public class IssueImporterResource {
and below is the pom, still it is not able to detect the library i guess.
Am i doing it correctly or is someother way to do the above step?
I am using Java 17
<dependency>
<groupId>com.atlassian.annotations</groupId>
<artifactId>atlassian-annotations</artifactId>
<version>5.0.1</version>
<scope>provided</scope>
</dependency>
Below is the maven dependency that i used
https://mvnrepository.com/artifact/com.atlassian.annotations/atlassian-annotations/5.0.1
Hey @FabienPenchenat ,
Can you please suggest here. how to resolve above?
Thank you!