I am writing a plugin where I am doing authentication using BASIC like this
var encodedString = btoa(username + ":" + password);
xhr.setRequestHeader ("Authorization", "Basic " + encodedString);
xhr.send()
I saw that the response header has both token and session id cookie. Response cookies are like this
Set-Cookie
JSESSIONID=F836D94F37784F241F61C2EFAFC1C11A;path=/;HttpOnly
Set-Cookie
atlassian.xsrf.token=BTH4-D2ZY…ec364c02c610786e6c_lin;path=/
But after that I am making a call like this
window.location.href = url;
This call does not have the session cookie. The cookie for this request is
Cookie
atlassian.xsrf.token=BTH4-D2ZY…c8a96dbec364c02c610786e6c_lin
I am trying in 7.10.2
Also sometime I am not able to logged into JIRA after giving proper user id and password. Even I can not logged in using http://server:8080/secure/Dashboard.jspa
After clearing cookie it starts work. But we can not tell user to clear cookie before providing user id and password.
I have tried with /rest/auth/1/session and got same result
Tried with both /rest/auth/1/session and BASIC header.. There also same result.
But if I clear the cookie just before providing user id and password, it works
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.