Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Confluence SSO is not working on Server, but working on local

Ashutosh Shrivastava
Ashutosh Shrivastava July 27, 2017

We have implemented Confluence and JIRA SSO using seraph and crowd framework and have coded new custom authenticator for both applications. Both JIRA and Confluence SSO whould work from our company site, and share the similar code base with minor differences. JIRA SSO is working fine on server and local, and Confluence SSO is not working on server but working on local. We are using Confluence version 6.3.1 and JIRA version 7.2.2

Please help me to resolve this issue and let me know if I have to include any other packages or class files to make Confluence SSO work on server.

Thanks in advance

Answer
Watch
Like Be the first to like this
829 views

2 answers

1 vote
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 31, 2017

I understand SSO is not working consistently in your environment. 

Please review this guide to make sure all the basics are in place:

Troubleshooting SSO with Crowd

I am not sure what is meant by coding a new custom authenticator. Did you write a custom authenticator or enable the SSO authenticators bundled with JIRA and Confluence? The latter is done in the seraph-config.xml file.

What is the similar code base you mention?

When you say the SSO works from server but not local I am not sure what is meant. Does it mean it works from a browser on the server but not from a workstation? Or are there two environments, one on your local desktop and one on a server?

Please let us know whether there is a reverse proxy in front of the Atlassian applications.

 

 

 

View More Comments
Ashutosh Shrivastava
Ashutosh Shrivastava August 3, 2017

Hi Ann,

I have wrote custom authenticator, we have followed the tips which they have mentioned in article mentioned below.

https://confluence.atlassian.com/kb/single-sign-on-integration-with-the-atlassian-stack-794495126.html

The similar custom authenticator is working fine for JIRA, but not for Confluence. We have updated seraph-config.xml file to point to the new custom authenticator.

Similar code base means, Custom authenticator is 80% same for JIRA and Confleucne except few pacakges which is specific to JIRA. 

Its working on my local desktop, but not on server. They are different environment.

We have also verified and there is no reverse proxy setup in front of Atlassian application. 

It seems to be permission issue, as I see the below message in logs.
Its not able to get user information after calling getUser method and throwing null pointer exception.

2017-08-01 19:39:24,396 WARN [http-nio-8090-exec-9] [company.atlassian.confluence.WebSealConfluenceAuthenticator] getUser Got username from iv-user Ashutosh%20Shrivastava
-- referer: http://confluence.dept.dev.company.com/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /s/d31cd7d2fde86846818b7c61a667b08c-CDN/en_GB/7202/57e26a1771e14e3fb96fd7cebe99a87f17d4379c/908a5017a16ca970aea8fe4a1d1970d0/_/download/contextbatch/css/main,-_super/batch.css | traceId: bfb267df95bfd771
2017-08-01 19:39:24,396 WARN [http-nio-8090-exec-9] [company.atlassian.confluence.WebSealConfluenceAuthenticator] getUser Got email from header ashutosh_shrivastava@company.com
-- referer: http://confluence.dept.dev.company.com/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /s/d31cd7d2fde86846818b7c61a667b08c-CDN/en_GB/7202/57e26a1771e14e3fb96fd7cebe99a87f17d4379c/908a5017a16ca970aea8fe4a1d1970d0/_/download/contextbatch/css/main,-_super/batch.css | traceId: bfb267df95bfd771
2017-08-01 19:39:24,396 WARN [http-nio-8090-exec-9] [company.atlassian.confluence.WebSealConfluenceAuthenticator] getUser Custom getUser method called:Ashutosh Shrivastava
-- referer: http://confluence.dept.dev.company.com/login.action?os_destination=%2Findex.action&permissionViolation=true | url: /s/d31cd7d2fde86846818b7c61a667b08c-CDN/en_GB/7202/57e26a1771e14e3fb96fd7cebe99a87f17d4379c/908a5017a16ca970aea8fe4a1d1970d0/_/download/contextbatch/css/main,-_super/batch.css | traceId: bfb267df95bfd771
2017-08-01 19:39:24,396 WARN [http-nio-8090-exec-9] [company.atlassian.confluence.WebSealConfluenceAuthenticator] getUser Exception: java.lang.NullPointerException
-- referer: http://confluence.dept.dev.company.com/login.action?os_destination=%2Findex.action&permissionViolation=true | url:

Like
Reply
0 votes
Lars Olav Velle
Lars Olav Velle
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 1, 2017
Ashutosh,
 
We (Kantega Single Sign-on) have many customers that have migrated from custom authenticators and we have seen just about everything that can go wrong. 
 
I am still not able to understand what could possibly be your problem, so I think some more information would be necessary.
 
-Lars
 
View More Comments
Ashutosh Shrivastava
Ashutosh Shrivastava August 3, 2017

Hi Lars,

I have added my comments in above post, rearding the issue I am facing.

Please have a look and let me know if you have any questions. 

Also, please send me the steps for Kantega SSO system integration with Confluence. Do we have to purchase any seperate Product for this or its part of Confluence and JIRA?

Like
Lars Olav Velle
Lars Olav Velle
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 3, 2017

Are the Confluence version locally the same version as remotely? 

 

Kantega SSO is an add-on sold through Atlassian Marketplace. 

 

With our add-on there is need for any file system changes, and it has a built in step by step setup wizard. 

If you need any help, email us at sso@kantega.no

Like Ashutosh Shrivastava likes this
Ashutosh Shrivastava
Ashutosh Shrivastava August 3, 2017

Thanks Lars,

We are using same version for Confleunce in local and server, its latest version - 6.3.1

For JIRA we are using 7.2.2 version.

Kantega SSO is one licence for Confluence and JIRA, or we have to purchase two different add ons for each?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events