Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

SSO cookie ignored/overridden

Deleted user July 4, 2011

I'm trying to use Crowd (2.2.7) and its REST APIs for authentication in a Django web application. I've been able to validate credentials and create SSO tokens, but the SSO cookies I set aren't recognised by my Confluence/JIRA instances (meaning I have to log in again). Logging in to either application overwrites the cookie that I set, but the Crowd console then shows two user sessions under "Administration > Current Sessions > User Sessions".

All applications are on the same domain (confluence.domain.com, jira.domain.com, etc.) and my browser is definitely sending the cookie that I set. I'm making my token creation request to https://crowd.domain.com/crowd/rest/usermanagement/1/session.json?validate-password=0 and the body is as follows:

{"username": "chris"}

Any ideas how I could get SSO working?

Watch
Like # people like this
1558 views

8 answers

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

0 votes
Sam Kenny1
Sam Kenny
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 10, 2013

Chris did you ever this get resolved?

Reply
Reply
0 votes
Michel Teunissen
Michel Teunissen November 9, 2011

When I follow the Crowd REST API doc, there' a possibility to get back a token ( HTTP POST /session?validate-password=false etc.). But what then? I want to create a SSO between my own website from which I talk REST to Crowd and JIRA/Confluence so what cookies/headers do I need to set to get that working given the token that I have?

View More Comments
Ivar
Ivar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 9, 2011

Michael, I believe you should ask a question of your own on this. The question is soemthing else, and if you get a reply on your question it is not really an answer to this question.

Like
Reply
0 votes
Michel Teunissen
Michel Teunissen November 8, 2011

Can you help me with what cookies I need to set to begin with?

View More Comments
Ivar
Ivar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 9, 2011

What do you mean?

Like
Reply
0 votes
Ivar
Ivar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 26, 2011

Did you close in on a solution yourself on this?

Reply
0 votes
Ivar
Ivar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 22, 2011

I have the same issue. I'm currently in contact with Atlassian support, and the issue has actually been escalated internally to senior staff. Seems that everything is working fine in regards to cookies, etc., but for some reason Confluence/Crowd is still unable to play together. Having Crowd authenticate on behalf of Confluence (without SSO) works like a charm though.

A small update - our IT infrastructure includes an ISA that does not forward the client IP adr. But if that is the main reason I still do not know.

I'll update on this issue when I get a reply from Atlassian.

View More Comments
Ivar
Ivar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 26, 2011

Still waiting for feedback from Atlassian. No news from me.

Like
Ivar
Ivar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 12, 2011

Still waiting for feedback from Atlasian. The issue is a level 1 support issue but they still haven't figured out the reason.

Like
Ivar
Ivar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 30, 2011

I ended up discontinuing Crowd. Atlassian was unable to aid for our setup with ISA server, and we'll rather develop our own solution that continue with Crowd.

Like
Ivar
Ivar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 8, 2011

https://answers.atlassian.com/questions/19908/has-anyone-gotten-crowd-to-work-as-sso-behind-a-isa-2006-server

Like
Reply
0 votes
Jim Bethancourt
Jim Bethancourt
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 20, 2011

Have you set the authenticator in seraph-config.xml ?

For Confluence it should be

<authenticator class="com.atlassian.confluence.user.ConfluenceCrowdSSOAuthenticator"/>

and for JIRA it should be

<authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/>

See http://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+Confluence

and

http://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+JIRA

Cheers,

Jim

Reply
0 votes
Colin Goudie
Colin Goudie
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 4, 2011

Is your webapp and Confluence/JIRA instances on the same IP? I had a similar issue recently with fisheye and had to add the IP that fisheye was running on into the Trusted Proxy list in Crowd (under Admin). This resolved it.

EDIT: Misread your post

View More Comments
Ivar
Ivar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 18, 2011

Does 'Misread your post' mean that your answer did'nt have anything to do with the matter?

Like
Jim Bethancourt
Jim Bethancourt
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 20, 2011

Hi Ivar,

Answers allows you the opportunity to give a reason why you edited your post. In this case, Colin offered an answer, and then edited it, leaving the reason "EDIT: Misread your post" as the reason for editing his post.

Cheers,

Jim

Like
Ivar
Ivar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 20, 2011

@Jim; of course :) Just wandering if his edit indicated that he changed his original answer and that his current answer is related, or if he let his original answer 'stay' while adding 'Misread your post'. I've seen both things happen :)

Like
Reply

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

Atlassian logo
Answers Developer Questions
TAGS
AUG Leaders

Atlassian Community Events

    See all events