I have installed Confluence standalone 4.1.2, awith a 64bit tomcat on a 64bit JVM, following instructions found on Atlassian documentation.
I have integrated Confluence with Crowd, 2.3.6.
I have configured also SSO. The two are on two different servers, but in the same domain:
server01.localdomain -> Crowd, Jira, Fisheye
server02.localdomain -> Confluence, Bamboo
Everything works fine, I can log in in one of the applications and then going to another one I'm logged. The same, if I logout I am logged out from every application. So SSO is working.
When in Confluence I try to do an action that requires to take administration rights, I insert my password and start compiling a form. But when I submit, I get again the password request form and when I send the form I get an error message telling that the required authentication token was not present and that I have to restart over. I am still logged in, what i loose in the "sudo" priviledges.
If I can complete the operation in a few seconds (under five seconds) everything is ok, but if I wait even more then 5 seconds I cannot complete the operation.
This is blocking, because I cannot even create a new space, the time required to fill the 3 fileds is too much and I loose the "sudo" session.
I have also tried to disable SSO and it does not fix the problem.
I don't have this problem with any other application, even Jira works fine, (in Jira there is the same "sudo" requirement to administer it).
I don't have any error in the logs, both in Crowd and in Confluence.
This is a grey area for us, sorry to say.
If you use the built-in Confluence Crowd SSO Authenticator, then things should work OK: https://jira.atlassian.com/browse/CONF-22421
Unfortunately, if you're using a custom-built SSO Authenticator, then that is a scenario we have deliberately chosen not to support and you will need to disable Confluence's Secure Administrator Sessions feature (aka web sudo). (https://jira.atlassian.com/browse/CONF-20365)
I am using the default Confluence SSO authenticator:
Even disabling it and re-enabling the non-SSO authenticator
I have the same problem.
I disabled the websudo and now it does not ask me for admin login every time I enter an administration page, but I have the same problem: If I try to edit something and I need more than 5 seconds, I get this message:
If you use a browser extension like 'edit this cookie' in chrome, you can check the crowd token information when switching tabs between Crowd and the other application tabs to see if the token is different. If it is, it is going to keep knocking you out and means something in the configuration is a miss. Generally the SSO domain but it sounds like you have that working.
But for somewhere to start, check out the information in the cookies and post back
Atlassian Summit is an excellent opportunity for in-person support, training, and networking.Learn more
@Manon Soubies-Camy is an engineer who has been an avid Atlassian user since 2014. She helps companies of all sizes transform the way they work with the Atlassian stack, including Jira and Confl...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs