Cross platform true single sign on for confluence recommendations

Alicia Miller September 25, 2014

Hi All,

I'm looking for a cross platform true single sign on solution for confluence within an AD environment. 

Any recommendations?

Thanks,

Alicia

2 answers

1 accepted

1 vote
Answer accepted
Thomas Alfred
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 25, 2014

AppFusions' Kerberos SSO Authenticator for AD & Atlassian Servers is a single sign-on authenticator for Active Directory and includes service deployment for Confluence, JIRA, Stash, Crowd, FishEye/Crucible, Bamboo and (I believe) some more. 

It uses Kerberos rather than NTLM. NTLM does not support any recent cryptographic methods – I believe NTLM is no longer recommended by Microsoft. 

I'm told they've successfully deployed it 80 or more times and have some big enterprises using it, but you should ask AppFusions for details of that.

Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 25, 2014

Just to be clear I absolutely agree with statement that NTLM shouldn't be used by any sane organization (though we see plenty of it in the wild). Our plugin does support NTLM as a fallback, but the primary technology/protocol is NTLMv2 - a very different beast. I have directed Alicia to a Kerberos plugin - there are several of them on the Atlassian Marketplace now. Since she is asking here, there must be something that doesn't fit her scenario in full.

0 votes
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 25, 2014

Hello, Alicia.

I suggest you to elaborate on "cross platform" and "true" in this question.

Since you've already tried our EasySSO Single Sign-On for Confluence and based on our email discussions I suppose "cross-platform" means "supporting Apple OS X devices" but perhaps it's more than that? 

Alicia Miller September 25, 2014

Hi Ed, Thanks for your help earlier with EasySSO. Yes I mean windows and osx. In terms of "true" sso, I mean logging into a machine (with AD credentials), and being automatically authenticated to confluence without having to log in to another application.

Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 25, 2014

So, auto-login just like ours but supporting Macs :) I wish browsers on Mac OS X would do NTLMv2. Have you tried: Katenga's Kerberos Authentication for Confluence https://marketplace.atlassian.com/plugins/no.kantega.kerberosauth.kerberosauth-plugin.confluence or Polar Shift's "Integrated Windows Authentication" (https://marketplace.atlassian.com/plugins/fi.polarshift.confluence.plugins.kauth.config.iwac)

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events