Versions Compared

Old Version 2

changes.mady.by.user Frédéric Esnault

Saved on

compared with

New Version Current

changes.mady.by.user Frédéric Esnault

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Encoding settings

Ovyka Security Filter for Jira processes every incoming request. If you server's encoding is not set to UTF-8, special characters (nbsp - non breakable space, accentuated characters,...) will not be processed correctly, as the plugin analyzes incoming data at a very low level. These encoded characters will not be understood at this level, and request processing will fail (for the plugin AND for jira). 

To avoid this issue, you must make sure Jira's virtual machine (JVM) is configured with UTF-8 encoding. This can be done by adding these parameters in Jira's environment.

Linux

Open setenv.sh in Jira's installation folder, under the bin subdirectory : <installation-folder>/bin/setenv.sh

In JVM_REQUIRED_ARGS, add this : 

Code Block
-Dfile.encoding=utf-8 -Dsun.jnu.encoding=utf-8

Restart Jira's service for the new parameters to be used by the jvm.

Windows

Open setenv.bat in Jira's installation folder, under the bin subdirectory : <installation-folder>\bin\setenv.sh

In JVM_REQUIRED_ARGS, add this : 

Code Block
-Dfile.encoding=utf-8 -Dsun.jnu.encoding=utf-8

Restart Jira's service for the new parameters to be used by the jvm.

Windows service

If your Jira instance is controlled by a Windows service, you have to add these parameters in Jira's service Java options.

First, open service configuration.

In a Powershell window, got into Jira's installation directory, and type this (if the service name is Jira):

Code Block
./tomcat8w.exe //ES//Jira

This will open a window like this one.

Image Added

In the Java Options box, you must add the two same parameters, as you can see on the screenshot :

Code Block
-Dfile.encoding=utf-8
-Dsun.jnu.encoding=utf-8

Click Apply, then restart Jira's service for the new parameters to be used by the jvm.


Plugin installation

The Ovyka Security Filter for Jira plugin is provided as a JAR file.

...

  • manual inputs (issue subject, description, comments, and basically in any area where a user/admin can enter text);
  • attached files (only XML or TXT, as other file types may create filtering issues - we may identify PAN numbers in images data, for example, which would break the image and maybe also create a server error).
  • incoming mails (requires configuration - see below).

Mail handlers

Replacing a mail handler with its secure counterpart

If you JIRA instance is configured to receive an process incoming mails, you may want to filter also mail contents. Otherwise, mail content containing sensitive data could be added to issues by a mail handler, without any filtering.

...