I am working on a custom SSO authenticator for my JIRA instance.
I have the login part working great. The problem I have now is that I need to completely hide the Login page. All login needs to go through my SSO provider.
As it sits right now, if a user logs in through SSO but doesn't exist in JIRA it shows them the login screen. The way I need it to work is that if the SSO service logs them in but they don't exist in JIRA, that they are kicked back to the SSO login page, or at least shown an error page instead of the login page.
How can I do this without hacking up the login.xml file?
Thanks for your response. I have already done this. I have set all three of these to point to my SSO. In my custom plugin I return "null" if the user should not be allowed to login. Instead what happens is the user is shown the "Login" page if I Return "null".
What else can I do to make sure the users never see the JIRA login page?
Thanks for this suggestion! This seems to have gotten me most of the way there. At least now when a user gets to my page and doesn't have access, they won't see the login gadget. I plan to update my Seraph plugin to delete the JIRA auth cookies so they are forced back out if they are not authorized to be in the system.
As a final note to everyone - Timothy's suggestion to remove the login gadget in jpm.xml is a great way to prevent people from logging in via the web page when using SSO. I still haven't been able to get the system to automatically kick the user out if they're not logged in, but this is an issue specific to my SSO solution and JIRA instance.
Hi DJX. I'm looking for a way to use Seraph for SSO on JIRA Core, since I'm not a developer, I'm not sure which way to go - could you please share how you implemented the custom authenticator? This is where I get lost:
Thanks in advance.
@Bianca Borges - There are a few plugins out on the market that handle some common authenticators. At the time, I was working with one that did not have a plugin. I wrote this post to document some of my findings: https://www.jarvispowered.com/single-sign-on-to-jira-with-siteminder/
My issue also similar case please find the below description, snap shot and let me know your inputs, please.
I am working on custom Google SSO authenticator for my JIRA & WIKI instance (Vendor AppFusions).
Google SSO for JIRA
Google SSO for Atlassian Confluence
I have the login part working great. The problem I have now is that I need to completely hide the Login page. All login needs to go through my SSO provider. i.e., all the users must “sign in with Google” so I want to disable the login page username and password fields. When I access my JIRA and Confluence URL then we need to click on “sign in with Google” to login my applications.
This won't help in redirecting, but simply changing Jira/Confluence to use external user management will disable the ability to use "forgot password" and a bunch of other useful SSO specific functionality
Calling all Community members from the Washington D.C. area! Atlassian’s Team Tour is heading to your city to host a Government Symposium on May 1st. Join our team and other government agencies to le...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs