“Bypass” JIRA SSO login when SSO isn’t working

Today I hit a snag when I was attempting to log into one of our JIRA dev environments where SSO unexpectedly wasn’t working properly and it didn’t let me in.

So here’s my workaround.

Open this URL in a new tab of the same browser:
https://((your-jira-instance-address))/rest/auth/1/session

Now, open the developer console of your web browser. For example, in Google Chrome, you have to press F12 and then go to the Console tab.

Now type each of these five lines of JavaScript code, pressing Enter after each one. Make sure to replace the placeholders (the YOUR-JIRA-... values, or whatever is between (( and ))) with the correct values!

var x = new XMLHttpRequest();
var p = "{\"username\":\"YOUR-JIRA-USERNAME\",\"password\":\"YOUR-JIRA-PASSWORD\"}";
x.open ("POST", "https://YOUR-JIRA-INSTANCE-ADDRESS/rest/auth/1/session", true);
x.setRequestHeader("Content-type", "application/json");
x.send (p);

Example:

var x = new XMLHttpRequest();
var p = "{\"username\":\"alice\",\"password\":\"w0ndR|@nd\"}";
x.open ("POST", "https://jira.example.com/rest/auth/1/session", true);
x.setRequestHeader("Content-type", "application/json");
x.send (p);

Now, if you do not get a 4xx status code, you’re in! Go back to the previous browser tab and reload.

We are not actually “hacking” or breaking into anything here, but using the REST API to bypass the login prompt. This may not work in some situations, depending on how the JIRA instance is configured. If your password wasn’t cached in JIRA, this will not work.
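
A defender's view of the same request, as an added example that is not part of the original post: a successful POST to /rest/auth/1/session is a password login that never went through the SSO page, so it is worth surfacing from access logs. The combined log format, the function names and the sample lines are assumptions constructed for illustration.

```javascript
// Added example (not from the original post). Assumption: access logs come
// from a reverse proxy in Apache/nginx "combined" format.
const SESSION_PATH = "/rest/auth/1/session";
const LINE_RE = /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) /;

function parseLine(line) {
  const m = LINE_RE.exec(line);
  if (!m) return null; // not a combined-format line
  // Drop the query string and trailing slashes so variants still match.
  const path = m[4].split("?")[0].replace(/\/+$/, "");
  return { ip: m[1], time: m[2], method: m[3], path, status: Number(m[5]) };
}

// Returns successful REST password logins and per-IP failure counts.
function findRestLogins(lines) {
  const report = { succeeded: [], failedByIp: {} };
  for (const line of lines) {
    const e = parseLine(line);
    // endsWith() also covers a context path such as /jira/rest/auth/1/session.
    if (!e || e.method !== "POST" || !e.path.endsWith(SESSION_PATH)) continue;
    if (e.status >= 200 && e.status < 300) {
      report.succeeded.push({ ip: e.ip, time: e.time, path: e.path });
    } else if (e.status >= 400 && e.status < 500) {
      report.failedByIp[e.ip] = (report.failedByIp[e.ip] || 0) + 1;
    }
  }
  return report;
}

// Constructed sample lines (addresses, times and sizes are made up).
const sampleLog = [
  '10.0.0.5 - - [01/Jan/2020:09:14:02 +0000] "GET /rest/auth/1/session HTTP/1.1" 401 87 "-" "Mozilla/5.0"',
  '10.0.0.5 - - [01/Jan/2020:09:14:40 +0000] "POST /rest/auth/1/session HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
  '203.0.113.9 - - [01/Jan/2020:09:20:01 +0000] "POST /jira/rest/auth/1/session/ HTTP/1.1" 401 87 "-" "curl/7.64"',
  '203.0.113.9 - - [01/Jan/2020:09:20:03 +0000] "POST /jira/rest/auth/1/session?x=1 HTTP/1.1" 403 87 "-" "curl/7.64"',
  '10.0.0.7 - - [01/Jan/2020:09:25:00 +0000] "POST /rest/api/2/search HTTP/1.1" 200 990 "-" "Mozilla/5.0"',
  'truncated line without a request field',
];

console.log(JSON.stringify(findRestLogins(sampleLog), null, 2));
```

On an instance where SSO is meant to be the only way in, any entry in `succeeded` deserves a look, and a high count in `failedByIp` points at password guessing against the endpoint.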

Cheers!
