Hi,
We integrated confluence with crowd sso for authentication (how we did changes for confluence can be find below).
Know we like to integrate some of the urls to go through normal confluence authentication (like /admin/appTrustCertificate ..).
Can you please suggest us how we can achieve this.
1) Open web.xml file located in \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/web.xml
Add the following filter code in the <filter> section
<filter> <filter-name>checkauthentication</filter-name> <filter-class>com.cordys.CheckAuthentication</filter-class> <init-param> <param-name>loginurl</param-name> <param-value>https://ssoserver.com/sso/login</param-value> </init-param> <init-param> <param-name>skip.authentication.urls</param-name> <param-value> loginform.jsp,login.action,createrssfeed.action, images,/s/,styles/,download/,rpc/ </param-value> </init-param> </filter>
In the <filter-mapping> section add the below mapping code. Add it as the first filter mapping element.
<filter-mapping> <filter-name>checkauthentication</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
2) Copy the file [^CheckAuthentication.class] to \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/classes/com/cordys/ folder and copy [^crowd-integration-client-1.6.jar] to
\[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/lib folder.
3) Open atlassian-user.xml file located in \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/classes/atlassian-user.xml
Comment out all other repositories and use the default confluence user repository
<hibernate name="Hibernate Repository" key="hibernateRepository"&nbsp; description="Hibernate Repository" cache="true"/>
4) Open seraph-config.xml file located in \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/classes/seraph-config.xml. Add the following line after commenting the default authenticator tag.
<\!-\- <authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/> \--> <authenticator class="com.atlassian.crowd.integration.seraph.ConfluenceAuthenticator"/>
5) Open crowd.properties file located at \[CONFLUENCE_HOME\]/confluence/WEB-INF/classes/crowd.properties. Set appropriate values for the following attributes
application.password application.name crowd.server.url
6) Restart tomcat.
Hi Gangadhar,
Rodrigo is right about the two authenticators. It's not possible to set two authenticators at the same time. However, could you share with us the reason you want to set non-SSO authentication to only some URLs? We may find some alternative to reach your goal.
Cheers
Hi there,
Honestly talking, I believe you can't leave 2 authenticators in the seraph-config.xml working at the same time. This won't work and I think the application won't come up with this setting.
Anyway, I'll leave the question open so another person might know how to implement this.
Regards,
Rodrigo
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.