Logon with wrong user/password gives 'weird' errorpage.

Error screen after wrong login is 'weird'...

Obscure email addresses in Confluence Mail

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-2677. panel Just noticed that http://confluence.atlassian.com/spaces/viewmailarchive.action?key=DOC is showing my full email...

Obscure email addresses in Confluence Mail

Just noticed that http://confluence.atlassian.com/spaces/viewmailarchive.action?key=DOC is showing my full email address.and other ppl's too. Eeek! We really want to obscure them. And anywhere else they appear in confl... Maybe some funky javascript email encryption ?...

Obscure email addresses in Confluence Mail

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-2677. panel Just noticed that http://confluence.atlassian.com/spaces/viewmailarchive.action?key=DOC is showing my full email...

Manage authentication for NTLM proxies

We want to access RRS content internally, but we are using a secured proxy requiring authentication via NTLM or user/password. We setted up the standard Java proxies properties: http.proxyHost, http.proxyPort and http.auth.ntlm.domain. But it seams that the http.auth.ntlm.domain properties does n...

Manage authentication for NTLM proxies

We want to access RRS content internally, but we are using a secured proxy requiring authentication via NTLM or user/password. We setted up the standard Java proxies properties: http.proxyHost, http.proxyPort and http.auth.ntlm.domain. But it seams that the http.auth.ntlm.domain properties does n...

Encrypt all passwords stored on the file system

Passwords are not encrypted in confluence-mail.cfg.xml nor in confluence.cfg.xml; they should be. Resolve an encryption scheme for anything requiring security stored on the file system...

Encrypt all passwords stored on the file system

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-2146. panel Passwords are not encrypted in confluence-mail.cfg.xml nor in confluence.cfg.xml; they should be. Resolve an...

Encrypt all passwords stored on the file system

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-2146. panel Passwords are not encrypted in confluence-mail.cfg.xml nor in confluence.cfg.xml; they should be. Resolve an...

A page containing the rss-macro is not displayed if the requested rss-feed is "down"

A page containing the rss-feed macro is not shown if the requested rss-feed is "down" there's no response sent to the browser. It would certainly be better if the page could be displayed anyway; perhaps with a message stating that the feed contents can't be fetched...

A page containing the rss-macro is not displayed if the requested rss-feed is "down"

A page containing the rss-feed macro is not shown if the requested rss-feed is "down" there's no response sent to the browser. It would certainly be better if the page could be displayed anyway; perhaps with a message stating that the feed contents can't be fetched...

A page containing the rss-macro is not displayed if the requested rss-feed is "down"

A page containing the rss-feed macro is not shown if the requested rss-feed is "down" there's no response sent to the browser. It would certainly be better if the page could be displayed anyway; perhaps with a message stating that the feed contents can't be fetched...

MoveIssue does not keep the security issue level after the move.

MoveIssue does not keep the security issue level after the move...

MoveIssue does not keep the security issue level after the move.

MoveIssue does not keep the security issue level after the move...

MoveIssue does not keep the security issue level after the move.

MoveIssue does not keep the security issue level after the move...

Enhance Seraph SSO support to create users automatically

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-4299. panel Users of SSO systems generally also have some sort of external user management. As a simple first step, JIRA's SSO authenticator...

Enhance Seraph SSO support to create users automatically

Users of SSO systems generally also have some sort of external user management. As a simple first step, JIRA's SSO authenticator could create an OSUser account in JIRA if the SSO authentication succeeds...

Enhance Seraph SSO support to create users automatically

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-4299. panel Users of SSO systems generally also have some sort of external user management. As a simple first step, JIRA's SSO authenticator...

Spam-protection

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-1469. panel We need something like MT-Blacklist: the ability to define URL patterns that flag a page and/or comment as spam. It...

Spam-protection

We need something like MT-Blacklist: the ability to define URL patterns that flag a page and/or comment as spam. It shouldn't be too hard to do - we already track URL links. The UI will need some thought though what do you do if you define a URL as spam, and it's in a page? Revert the page back t...

Spam-protection

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-1469. panel We need something like MT-Blacklist: the ability to define URL patterns that flag a page and/or comment as spam. It...

Character not allowed in user name

A user has sign up with the user name "m&m". The i tried to modify this user. Because the username is passed as url parameter FooServlet?name=m&m : GET or POST method the servlet container cut the name and try to retreive the username named "m" !!! The only way is to use a database client, change...

Character not allowed in user name

A user has sign up with the user name "m&m". The i tried to modify this user. Because the username is passed as url parameter FooServlet?name=m&m : GET or POST method the servlet container cut the name and try to retreive the username named "m" !!! The only way is to use a database client, change...

Character not allowed in user name

A user has sign up with the user name "m&m". The i tried to modify this user. Because the username is passed as url parameter FooServlet?name=m&m : GET or POST method the servlet container cut the name and try to retreive the username named "m" !!! The only way is to use a database client, change...

When deleting an Issue Security Level issues need to be re-indexed

Create 1 security levels Put some issues into it Delete the level hence removing any security level from the issues You will not be able to find the issues any more - need to re-index...

When deleting an Issue Security Level issues need to be re-indexed

Create 1 security levels Put some issues into it Delete the level hence removing any security level from the issues You will not be able to find the issues any more - need to re-index...

When deleting an Issue Security Level issues need to be re-indexed

Create 1 security levels Put some issues into it Delete the level hence removing any security level from the issues You will not be able to find the issues any more - need to re-index...

Applet certificate is not trusted.

You need to get a proper certificate for the applet - or else there will be some disquiet amongst some corporate users - and their IT Security overlords...

Applet certificate is not trusted.

You need to get a proper certificate for the applet - or else there will be some disquiet amongst some corporate users - and their IT Security overlords...

Applet certificate is not trusted.

You need to get a proper certificate for the applet - or else there will be some disquiet amongst some corporate users - and their IT Security overlords...

Add a generic HTML cleaning service

This will be able to be used by all components that need to display untrusted HTML: including HTML attachments, RSS feeds, and the html-include macro...

Add a generic HTML cleaning service

This will be able to be used by all components that need to display untrusted HTML: including HTML attachments, RSS feeds, and the html-include macro...

should be able to login only via https

you should be able to configure JIRA to login via HTTPS. this is almost possible in 2.4.1. You can specify an https URL in security-config.xml as the login.url parameter. this makes loing links from e.g. the issue view page work correctly. a slight problem here is that the session remiains in the...

should be able to login only via https

you should be able to configure JIRA to login via HTTPS. this is almost possible in 2.4.1. You can specify an https URL in security-config.xml as the login.url parameter. this makes loing links from e.g. the issue view page work correctly. a slight problem here is that the session remiains in the...

Have JIRA delete cookie when user authentication fails

I would like to suggest that if JIRA loads the user details id and password from a cookie and attempts to authenticate and fails then JIRA should delete the cookie. The logic behind this is: We are using LDAP for authentication to Novell's NDS and if a user gets JIRA to remember their id and...

Have JIRA delete cookie when user authentication fails

I would like to suggest that if JIRA loads the user details id and password from a cookie and attempts to authenticate and fails then JIRA should delete the cookie. The logic behind this is: We are using LDAP for authentication to Novell's NDS and if a user gets JIRA to remember their id and...

Login errors in 1.3

When logging in as our special user who is restricted to one certain project, I get this error message from secure/Dashboard.jspa java.lang.IllegalArgumentException: Source may not be null at webwork.util.SubsetIteratorFilter.setSourceSubsetIteratorFilter.java:33 at...

Login errors in 1.3

When logging in as our special user who is restricted to one certain project, I get this error message from secure/Dashboard.jspa java.lang.IllegalArgumentException: Source may not be null at webwork.util.SubsetIteratorFilter.setSourceSubsetIteratorFilter.java:33 at...

Login errors in 1.3

When logging in as our special user who is restricted to one certain project, I get this error message from secure/Dashboard.jspa java.lang.IllegalArgumentException: Source may not be null at webwork.util.SubsetIteratorFilter.setSourceSubsetIteratorFilter.java:33 at...

Problem when signing up for new user Account from login page

I signed up for a new user account from the login page, filled in a username, password, name and e-mail. Then I tried to login with the new username and got this exception: java.lang.NullPointerException at com.opensymphony.module.user.User.getGroupsUser.java:94 at...

Problem when signing up for new user Account from login page

I signed up for a new user account from the login page, filled in a username, password, name and e-mail. Then I tried to login with the new username and got this exception: java.lang.NullPointerException at com.opensymphony.module.user.User.getGroupsUser.java:94 at...

Problem when signing up for new user Account from login page

I signed up for a new user account from the login page, filled in a username, password, name and e-mail. Then I tried to login with the new username and got this exception: java.lang.NullPointerException at com.opensymphony.module.user.User.getGroupsUser.java:94 at...

Asked to re-authenticate to delete issue

/jira/secure/DeleteIssue!default.jspa?id=10012 everything seems to work ok, but I try to delete previously existing issue and I get redirected to the URL above. instead of a delete issue page, I get a login page, only it looks messed up - it's the login form table miniwindow except spread 100%...

Asked to re-authenticate to delete issue

/jira/secure/DeleteIssue!default.jspa?id=10012 everything seems to work ok, but I try to delete previously existing issue and I get redirected to the URL above. instead of a delete issue page, I get a login page, only it looks messed up - it's the login form table miniwindow except spread 100%...

Asked to re-authenticate to delete issue

/jira/secure/DeleteIssue!default.jspa?id=10012 everything seems to work ok, but I try to delete previously existing issue and I get redirected to the URL above. instead of a delete issue page, I get a login page, only it looks messed up - it's the login form table miniwindow except spread 100%...