JIRA 4.3 : Developing against JIRA with Secure Administrator Sessions
This page last changed on Feb 14, 2011 by rosie@atlassian.com.
Secure administrator sessions (also known as 'websudo') is a security feature introduced in JIRA 4.3. This provides an additional layer of authentication for administration functions. If you are developing a plugin for JIRA 4.3 or later, you will need to take note of the information below. Plugin DevelopmentWebWork actions that require administration access can be protected in JIRA with the WebSudoRequired annotation. This annotation must be on the class not the package nor a method in the class. (Note: WebSudoNotRequired annotation is not used in JIRA.) Other plugin types, such as REST services or servlets, can be protected via websudo by following the instructions at: Adding WebSudo Support to your Plugin. |
![]() |
Document generated by Confluence on Mar 27, 2011 18:54 |