The role of a proxy user

Exalate provides REST interfaces allowing to create and/or update issue information. As long as it runs in a trusted environment, accessing these interfaces anonymously is quite alright but in most cases, when the JIRA is running in a DMZ or less trusted environment, it is essential that any access must be authenticated.

Managing credentials is difficult, as there are many different policies that might be enforced such as password expiry, username definition, encryption which differs from organization to organization. We, therefore, choose to delegate the credential management to the underlying application.

The proxy user is a local user providing the authentication context to apply changes to issues. As an application administrator, you can define the permissions such proxy user has within the overall configuration. As long as this user has all the required permissions to create and modify issue information, synchronization will happen. 

Authenticated connections or not

As an application administrator, you have the choice to enable authenticated connections at node, instance and/or relation level. To enable authentication on the node level, access the general settings of exalate (Admin > Add-ons > Exalate > General Settings > edit) and check 'Authentication required'.

From then onwards, all connections to the instance need to be authenticated using the credentials of a local user.

Connecting to an exalate node which requires authentication

Select a proxy user to be used by the remote instance and communicate the details to its application administrator.  

On the remote instance (or relation), configure the remote instance details by accessing the instance edit form
(Admin > Add-ons > Exalate > Instances > Locate correct instance > Configure > Advanced options).

Click 'Test Connection' to ensure all is well.

Troubleshooting

In case of a credential mismatch, the test connection will provide the following response:

 

Back to advanced configuration