I have a webitem with servlet on the system top navigation bar.
Even after the session timeouts(cleared the browser cache), the webitem still displays the Form.
I wanted to make the user to login by providing their username and password.
I tried the steps provided in this link but it didn’t go to the exception part. Also it prompts for Administrative Access not the Jira User access.
Even i have the IsUserLoggedInCondition in my webitem condition, i read that this will only show/hide the webitem.
In my servlet’s ```doGet`` method, I have this code:
@Nullable ApplicationUser user =
jiraAuthenticationContext.getLoggedInUser();
if (user == null) {
HttpUtils.sendRedirectToLogin(req, res, loginUriProvider);
return;
}
The loginUriProvider is injected into my servlet’s constructor as an instance of com.atlassian.sal.api.auth.LoginUriProvider.
Here is my HttpUtils class:
public final class HttpUtils {
/** Prevents instantiation */
private HttpUtils() {
throw new UnsupportedOperationException("Attempt to instantiate utility class");
}
public static String relativeRequestUri(HttpServletRequest req) {
String requestUri = req.getRequestURI();
String contextPath = req.getContextPath();
// If there is a context path, then we want to remove it from the start of the request URI
// so that we are always redirecting to a relative location.
return Strings.isNullOrEmpty(contextPath)
? requestUri
: requestUri.substring(contextPath.length());
}
public static void sendRedirectToLogin(
HttpServletRequest req,
HttpServletResponse resp,
LoginUriProvider loginUriProvider) throws IOException {
resp.sendRedirect(
loginUriProvider.getLoginUri(URI.create(relativeRequestUri(req))).toString()
);
}
}
It’s been too long since I’ve worked with webwork. I notice, though, that there’s a Redirect action in Jira’s source: webwork.action.standard.Redirect.
Just for reference: if your current URI contains a query string, make sure you pass it along when building the redirect URI. This is to make sure Jira redirects to the exact same page after successful login.