Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira Server - Allow access through HTTPS for external users and http for local users

Alexis Ramacciotti
Alexis Ramacciotti January 31, 2019

Hello,

 

One of our client has a Jira Server instance.  They set a reverse proxy to manage SSL and enforce security.  The instance is now accessible only through https://jira.companyName.com (wich is also the base url of the instance).

Problem is the client want local users (users connecting from within the corporate network) to access Jira with a local domain name through http protocol, avoiding getting out of the local network.

I know jira can only have one base URL.

Is there a way to set server.xml to allow direct connection without passing through the proxy, and without creating a security breach by exposition of an unsecure access url to the internet?

 

Kind regards

Answer
Watch
Like Be the first to like this
823 views

3 answers

2 accepted

1 vote
Answer accepted
Joe Pitt
Joe Pitt
Community Champion
January 31, 2019

For security reasons all transmissions of data should be encrypted over https. I suggest switching to https for all users. 

Reply
0 votes
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 31, 2019

You can add more connectors, so that Tomcat will listen to http on another port, which means you can have a proxy or direct connection on another url, and not use https for it.

It won't work properly.  People using a route that is not the base url will see problems with gadgets and reports, and as they start to navigate through, they will very quickly land on a link based on the base url, so they'll go back to using the https site anyway,

Plus, you should never run any system that allows people to enter any data over plain http.  Http is only suitable for pure read-only access to public sites.

Reply
0 votes
Alexis Ramacciotti
Alexis Ramacciotti January 31, 2019

I thought so too.

Thanks for the insight!

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.