Jama’s 2016/03/19 hosted release includes the permanent enablement of Enhanced Image Security. Previously customers could elect to turn it off, but due to some enhancements in our reporting tools, the option is no longer needed. This change is available in on-premises Jama 8.0.2+. So what changed?
How will that affect users?
- We will begin embedding images in BIRT and Velocity reports. Previously the images required external calls to get image references, so users had to authenticate online. With Enhanced Image Security on, users who were not signed into Jama or who did not have a Jama login saw Red Xs instead of images. This means some customers opted to turn the security off.
- Accessing attachments via direct URL will require authentication. The biggest impact for this will be users of the JIH, who will need to be authenticated to view embedded images synced over from Jama to JIRA.
- Any user who downloads or receives a report will see all images since they are directly embedded. If you are an organization that had turned off image security in the past, you will now see broken images in previously-generated reports. This means you will need to regenerate the report. Additionally, users will need to take an extra step if they generate a Velocity report (including the built-in All Items report) and attempt to upload the report to Jama as an attachment. The report will first need to be saved as a Word document before being uploaded.
- Any user who accesses an attachment or image via direct URL will need to be logged in. Embedded images synced over to JIRA via the JIH will not be visible to JIRA users not authenticated in Jama. To work around this, images will need to be added to items as attachments and attachment syncing will need to be enabled.