Open sowmya-parsi opened 4 years ago
evernat
commented
4 years ago Sorry. As said in the user's guide for Bitbucket:
there is no easy access to the user from the http session and Bitbucket's AuthenticationContext does not give access to the user given the order of servlet filters
This is still true when using Bitbucket 6.9.0.
sowmya-parsi
commented
4 years ago Hi ,
As said before I have included the property in system properties now the monitoring page have authentication after this somehow the bitbucket application authentication has got affected and it is not showing the login page PFA for more details.
for more details
evernat
commented
4 years ago evernat
commented
4 years ago OK, I understand that after using the basic auth with username and password to access the monitoring page, the Bitbucket's auth has been affected. I reproduce that with Bitbucket v6.9.0.
I suggest to not save the javamelody username and password in the browser, if the browser proposes that, and I suggest to close the browser and all its windows when you have finished with the monitoring page. That way, the Bitbucket authentication will not be affected.
Torkuato
commented
2 years ago Hi!
Same conflict with native login in Bitbucket 7.6.12.
Have you planned fix this in future? Or there is nothing you can do.
Thank you.
evernat
commented
2 years ago @Torkuato It was said above for Bitbucket 6.9.0 and before :
there is no easy access to the user from the http session and Bitbucket's AuthenticationContext does not give access to the user given the order of servlet filters
I suppose that the situation has not evolved with Bitbucket 7.6.12. So no, there is no fix planned if the situation in Bitbucket does not evolve.
Note that when using authorized-users as said above to enable basic auth for the monitoring page, there is a workaround in order to not have a conflict with Bitbucket's auth :
I suggest to not save the javamelody username and password in the browser, if the browser proposes that, and I suggest to close the browser and all its windows when you have finished with the monitoring page. That way, the Bitbucket authentication will not be affected.
I have installed the JavaMelody plugin for bitbucket as mentioned here : https://github.com/javamelody/javamelody/wiki/AtlassianPlugin and set the system property -Djavamelody.authorized-users=admin:pwd . Doing this authentication for the monitoring page is working fine but there is something conflicting in general bitbucket apllication authentication.Is there any way in which the monitoring uses bitbucket authentication only.