Uranus Flexible License for Jira
2024年7月
1. Technical Programme
1.1 Technical Framwork
Group Change project based on the Confluence system to achieve the Confluence user group change and licence group management, in order to meet the network security, at the same time with the two-way request of the internal and external networks, the system will be deployed in the DMZ area. The system is implemented based on SpringBoot+VUE and deployed in an independent database.
Secure Authentication
The system has independent operation and maintenance management, and its login authentication is based on basic JTW token authentication, JWT adopts symmetric encryption by RSA, and the access is filtered and verified by carrying the request header.
Plug-in Integration
JIRA has been integrated with the Group Change system and uses it without login by authorizing users in JIRA.
Synchronization
The synchronization business system has a bi-directional API request to meet the bi-directional synchronization.
API Access
Synchronization business can realize API access to external JIRA site through proxy mode, and also can directly expose intranet JIRA API access through the network.
Task Scheduling
Based on Quartz task scheduling framework, it realizes the execution of tasks through the configuration of different time interval granularity.
Network Isolation
The DMZ is isolated from the intranet environment. In order to realize plug-in integration access, it is necessary to open the port access between the intranet and the DMZ environment. If you need to expose the API, you need to configure DNAT rules to realize external API access.
1.2 Functional Description
The system provides the functions of group change configuration, white list configuration, license configuration, scheduled task opening, and viewing the login information of JIRA users. The overall function module is roughly as follows:
Prerequisite Functions:
The admin account can configure the Group Change information, and other accounts will trigger the change logic to execute based on the configured Group Change information only when they log in.
The admin account is the only super administrator account.
GC Config
Group Change配置from group、to group、白名单、license group和定时任务,将自定义天数未登录的JIRA用户移出license组。选择用户登陆时是否开启Group Change配置,以及是否启用每日定时任务。
User Manage
实现直观分页查看JIRA用户的个人信息以及登录信息包括用户名、邮箱、最后登录时间、总计登录次数、登陆失败次数。可以批量选择或者将指定用户移出license组。
Function Module:
1. GC Config
Group Change configures from group, to group, whitelist, license group and timed tasks to move JIRA users who have not logged in for a customized number of days out of the license group. Select whether to open Group Change configuration when users log in, and whether to enable daily timed tasks.
2. User Manage
Realize intuitive paging to view the personal information and login information of JIRA users, including user name, email address, last login time, total login times and login failure times. You can select or remove the specified users from the license group in batches.
2. Operating Instructions
2.1 Preparation
2.1.1 Preparation Before Start-up
Database Creation Configuring Database Connection Methods
Start the Sync backend Main.class
Start the frontend npm run dev
Starting nginx
2.1.2 Configuring nginx
Nginx.config
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 4000;
server_name localhost;
location / {
proxy_pass http://localhost:4010/;
}
location /user-authorized/ {
proxy_pass http://localhost:8081/;
}
}
}
2.2 Log in
Login to the JIRA system and verify username and password in the backend.
2.3 Configuring GC Information
2.3.1 Group Added When the User Log In
On the application management page, click GC Config to enter the configuration page to configure, and then initiate the enable function at login.
Take user2 as an example, before logging in, it was in group1 and permission group. Then log in to the user2 account.
After logging in, query the user2 information again, and it has been added to group3 (there is a check here. If the number of existing licenses exceeds or is equal to the maximum number of licenses in the system, the operation of adding a group will not be performed).
2.3.2 Timed Task Setting
There are also timed tasks, moving unlogged-in users with a custom number of days out of the configured license group (unaffected if the user is in a configured whitelisted group) , and adding people from the To Group to the From Group on a daily basis (custom requirement).
2.3.3 Whitelist Group Setting
Customize the white list group. Users in this white list group will not be affected by regularly cleaning up the license of unregistered users.
2.4 People Management
In user management, you can view all the JIRA users by page, including user name, email address, last login time, login failure times and user creation time.
2.4.1 License Moving Users Out of License
Select users to move out of the license in batches, or specify a single user to move out of the license group.
Move user2 out of the license here, and then check the group situation of user2.
User2 is no longer in group3, that is the configured license group (the move out license feature is not affected by whitelisting).