Hi Team,
Recently our JIRA instance (Cloud version) seems to be down many times when huge incoming requests raised. As checked with Atlassian Support team through support ticket, they insisted us to use Cookie based authentication instead of basic authentication in external tools / service for REST API. As per the documentation (Security overview) I have created a sample application in C# language. I have faced some problems in using cookie based authentication and kindly check the below queries and suggestion a solution to sort out these problems.
-
I have created the cookie value and tried to use the cookie in the header of the request for all the consecutive request. But for the first time when I create the cookie and for that request alone I received the result and for all other requests I received the status code as 200 with no content in the body. We have declared the “HttpClient” as static variable and initialize it for every request. I found that this cookie based authentication works as expected when we didn’t initialize our client request for consecutive times other than the initial time which will create the cookie.
-
If we initialize HttpClient for every time and create the cookie then we can able to get the result as expected. But creating a cookie for each session is advisable or not which will be similar to database access for each request right?
-
Will it lead to any problem if we didn’t initialize out HTTPClient for each request, since we update some fields using REST API under some issues through Web hook service once the issue is created. Hence may get chance to create/update multiple tasks at same time and if “HTTPClient” used in the service without initializing for each request will lead to update any wrong details. Because already we have been facing some problems that is when multiple task updated in JIRA at same time, the task details are mixed up and stored in our database by our web API service(I hope we have mentioned this problem in our meeting too).
Kindly let me know the details on these queries.
Regards,
Ragunaathan M P