Administration documentation

Owned by Frédéric Esnault
Last updated: Feb 16, 2023
3 min read

Encoding settings

Ovyka Security Filter for Jira processes every incoming request. If you server's encoding is not set to UTF-8, special characters (nbsp - non breakable space, accentuated characters,...) will not be processed correctly, as the plugin analyzes incoming data at a very low level. These encoded characters will not be understood at this level, and request processing will fail (for the plugin AND for jira). 

To avoid this issue, you must make sure Jira's virtual machine (JVM) is configured with UTF-8 encoding. This can be done by adding these parameters in Jira's environment.

Linux

Open setenv.sh in Jira's installation folder, under the bin subdirectory : <installation-folder>/bin/setenv.sh

In JVM_REQUIRED_ARGS, add this : 

-Dfile.encoding=utf-8 -Dsun.jnu.encoding=utf-8

Restart Jira's service for the new parameters to be used by the jvm.

Windows

Open setenv.bat in Jira's installation folder, under the bin subdirectory : <installation-folder>\bin\setenv.sh

In JVM_REQUIRED_ARGS, add this : 

-Dfile.encoding=utf-8 -Dsun.jnu.encoding=utf-8

Restart Jira's service for the new parameters to be used by the jvm.

Windows service

If your Jira instance is controlled by a Windows service, you have to add these parameters in Jira's service Java options.

First, open service configuration.

In a Powershell window, got into Jira's installation directory, and type this (if the service name is Jira):

./tomcat8w.exe //ES//Jira

This will open a window like this one.

In the Java Options box, you must add the two same parameters, as you can see on the screenshot :

-Dfile.encoding=utf-8
-Dsun.jnu.encoding=utf-8

Click Apply, then restart Jira's service for the new parameters to be used by the jvm.


Plugin installation

The Ovyka Security Filter for Jira plugin is provided as a JAR file.

To install the plugin, go to JIRA Add-ons administration, and select the Manage Add-ons page. On the page, click the Upload add-on button, select the Ovyka Security Filter for Jira JAR, and click OK.

Configuration

Once the add-on is installed, there is no need to configure it. Sensitive data (currently PAN numbers) will be automatically filtered out from inputs in JIRA :

  • manual inputs (issue subject, description, comments, and basically in any area where a user/admin can enter text);
  • attached files (only XML or TXT, as other file types may create filtering issues - we may identify PAN numbers in images data, for example, which would break the image and maybe also create a server error).
  • incoming mails (requires configuration - see below).

Mail handlers

Replacing a mail handler with its secure counterpart

If you JIRA instance is configured to receive an process incoming mails, you may want to filter also mail contents. Otherwise, mail content containing sensitive data could be added to issues by a mail handler, without any filtering.

To filter also incoming mails, you just need to go to you JIRA Incoming mail adminsitration page, and select the Ovyka Security Filter for JIRA handler matching the one you were previously using. For example, in the screenshot below, the selected mail handler is :

  • Create a new issue or add a comment to an existing issue

To secure incoming, mails, we just have to replace it by the matching mail handler, provided by the add-on :

  • [Ovyka Security Filter for Jira] Create a new issue or add a comment to an existing issue

Email this issue (JETI)

If you are using the Email this Issue add-on (JETI) to process incoming mails into your JIRA instance, then our add-on can still secure your incoming emails. You'll notice the last mail handler in the list on the screenshot above, which is the replacement for Email This Issue Mail Handler :

  • [Ovyka Security Filter for Jira] Email This Issue Mail Handler

 Just select it, and your JETI add-on will continue to process incoming mail, but with sensitive data filtered out.