Confluence SSO is not working on Server, but working on local

We have implemented Confluence and JIRA SSO using seraph and crowd framework and have coded new custom authenticator for both applications. Both JIRA and Confluence SSO whould work from our company site, and share the similar code base with minor differences. JIRA SSO is working fine on server and local, and Confluence SSO is not working on server but working on local. We are using Confluence version 6.3.1 and JIRA version 7.2.2

Please help me to resolve this issue and let me know if I have to include any other packages or class files to make Confluence SSO work on server.

Thanks in advance

2 answers

0 vote
Ann Worley Atlassian Team Jul 31, 2017

I understand SSO is not working consistently in your environment. 

Please review this guide to make sure all the basics are in place:

Troubleshooting SSO with Crowd

I am not sure what is meant by coding a new custom authenticator. Did you write a custom authenticator or enable the SSO authenticators bundled with JIRA and Confluence? The latter is done in the seraph-config.xml file.

What is the similar code base you mention?

When you say the SSO works from server but not local I am not sure what is meant. Does it mean it works from a browser on the server but not from a workstation? Or are there two environments, one on your local desktop and one on a server?

Please let us know whether there is a reverse proxy in front of the Atlassian applications.

 

 

 

Hi Ann,

I have wrote custom authenticator, we have followed the tips which they have mentioned in article mentioned below.

https://confluence.atlassian.com/kb/single-sign-on-integration-with-the-atlassian-stack-794495126.html

The similar custom authenticator is working fine for JIRA, but not for Confluence. We have updated seraph-config.xml file to point to the new custom authenticator.

Similar code base means, Custom authenticator is 80% same for JIRA and Confleucne except few pacakges which is specific to JIRA. 

Its working on my local desktop, but not on server. They are different environment.

We have also verified and there is no reverse proxy setup in front of Atlassian application. 

It seems to be permission issue, as I see the below message in logs.
Its not able to get user information after calling getUser method and throwing null pointer exception.

2017-08-01 19:39:24,396 WARN [http-nio-8090-exec-9] [company.atlassian.confluence.WebSealConfluenceAuthenticator] getUser Got username from iv-user Ashutosh%20Shrivastava
-- referer: http://confluence.dept.dev.company.com/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /s/d31cd7d2fde86846818b7c61a667b08c-CDN/en_GB/7202/57e26a1771e14e3fb96fd7cebe99a87f17d4379c/908a5017a16ca970aea8fe4a1d1970d0/_/download/contextbatch/css/main,-_super/batch.css | traceId: bfb267df95bfd771
2017-08-01 19:39:24,396 WARN [http-nio-8090-exec-9] [company.atlassian.confluence.WebSealConfluenceAuthenticator] getUser Got email from header ashutosh_shrivastava@company.com
-- referer: http://confluence.dept.dev.company.com/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /s/d31cd7d2fde86846818b7c61a667b08c-CDN/en_GB/7202/57e26a1771e14e3fb96fd7cebe99a87f17d4379c/908a5017a16ca970aea8fe4a1d1970d0/_/download/contextbatch/css/main,-_super/batch.css | traceId: bfb267df95bfd771
2017-08-01 19:39:24,396 WARN [http-nio-8090-exec-9] [company.atlassian.confluence.WebSealConfluenceAuthenticator] getUser Custom getUser method called:Ashutosh Shrivastava
-- referer: http://confluence.dept.dev.company.com/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /s/d31cd7d2fde86846818b7c61a667b08c-CDN/en_GB/7202/57e26a1771e14e3fb96fd7cebe99a87f17d4379c/908a5017a16ca970aea8fe4a1d1970d0/_/download/contextbatch/css/main,-_super/batch.css | traceId: bfb267df95bfd771
2017-08-01 19:39:24,396 WARN [http-nio-8090-exec-9] [company.atlassian.confluence.WebSealConfluenceAuthenticator] getUser Exception: java.lang.NullPointerException
-- referer: http://confluence.dept.dev.company.com/login.action?os_destination=%2Findex.action&permissionViolation=true | url:

Ashutosh,
 
We (Kantega Single Sign-on) have many customers that have migrated from custom authenticators and we have seen just about everything that can go wrong. 
 
I am still not able to understand what could possibly be your problem, so I think some more information would be necessary.
 
-Lars
 

Hi Lars,

I have added my comments in above post, rearding the issue I am facing.

Please have a look and let me know if you have any questions. 

Also, please send me the steps for Kantega SSO system integration with Confluence. Do we have to purchase any seperate Product for this or its part of Confluence and JIRA?

Are the Confluence version locally the same version as remotely? 

 

Kantega SSO is an add-on sold through Atlassian Marketplace. 

 

With our add-on there is need for any file system changes, and it has a built in step by step setup wizard. 

If you need any help, email us at sso@kantega.no

Thanks Lars,

We are using same version for Confleunce in local and server, its latest version - 6.3.1

For JIRA we are using 7.2.2 version.

Kantega SSO is one licence for Confluence and JIRA, or we have to purchase two different add ons for each?

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Kesha Thillainayagam
Posted Apr 13, 2018 in Confluence

We want to hear how your non-technical teams are using Confluence!

Hi Community! Kesha (kay-sha) from the Confluence marketing team here! Can you share stories with us on how your non-technical (think Marketing, Sales, HR, legal, etc.) teams are using Confluen...

365 views 20 10
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you