Crowd SSO integration for some URLs and know we like to have basic Confluence authentication for some URLs.


We integrated confluence with crowd sso for authentication (how we did changes for confluence can be find below).

Know we like to integrate some of the urls to go through normal confluence authentication (like /admin/appTrustCertificate ..).
Can you please suggest us how we can achieve this.

1) Open web.xml file located in \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/web.xml

&nbsp;Add the following filter code in the <filter> section
















&nbsp;&nbsp; In the <filter-mapping> section add the below mapping code. Add it as the first filter mapping element.





2) Copy the file [^CheckAuthentication.class] to \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/classes/com/cordys/ folder and copy [^crowd-integration-client-1.6.jar] to

&nbsp;&nbsp; \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/lib folder.

3) Open atlassian-user.xml file located in \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/classes/atlassian-user.xml

&nbsp;&nbsp;&nbsp; Comment out all other repositories and use the default confluence user repository

&lt;hibernate name="Hibernate Repository" key="hibernateRepository"&amp;nbsp; description="Hibernate Repository" cache="true"/&gt;

4) Open seraph-config.xml file located in \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/classes/seraph-config.xml. Add the following line after commenting the default authenticator tag.

&lt;\!-\- &lt;authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/&gt; \--&gt;

&lt;authenticator class="com.atlassian.crowd.integration.seraph.ConfluenceAuthenticator"/&gt;

5) Open file located at \[CONFLUENCE_HOME\]/confluence/WEB-INF/classes/ Set appropriate values for the following attributes



6)&nbsp;Restart tomcat.

2 answers

0 votes

Hi there,

Honestly talking, I believe you can't leave 2 authenticators in the seraph-config.xml working at the same time. This won't work and I think the application won't come up with this setting.

Anyway, I'll leave the question open so another person might know how to implement this.



Hi Gangadhar,

Rodrigo is right about the two authenticators. It's not possible to set two authenticators at the same time. However, could you share with us the reason you want to set non-SSO authentication to only some URLs? We may find some alternative to reach your goal.


Suggest an answer

Log in or Sign up to answer
Community showcase
Published Mar 12, 2019 in Confluence

Confluence Admin Certification now $150 for Community Members

More and more people are building their careers with Atlassian, and we want you to be at the front of this wave! Important Dates Start the Certification Prep Course by 2 April 2019 Take your e...

284 views 2 11
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you