We integrated confluence with crowd sso for authentication (how we did changes for confluence can be find below).
Know we like to integrate some of the urls to go through normal confluence authentication (like /admin/appTrustCertificate ..).
Can you please suggest us how we can achieve this.
1) Open web.xml file located in \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/web.xml
Add the following filter code in the <filter> section
<filter> <filter-name>checkauthentication</filter-name> <filter-class>com.cordys.CheckAuthentication</filter-class> <init-param> <param-name>loginurl</param-name> <param-value>https://ssoserver.com/sso/login</param-value> </init-param> <init-param> <param-name>skip.authentication.urls</param-name> <param-value> loginform.jsp,login.action,createrssfeed.action, images,/s/,styles/,download/,rpc/ </param-value> </init-param> </filter>
In the <filter-mapping> section add the below mapping code. Add it as the first filter mapping element.
<filter-mapping> <filter-name>checkauthentication</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
2) Copy the file [^CheckAuthentication.class] to \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/classes/com/cordys/ folder and copy [^crowd-integration-client-1.6.jar] to
3) Open atlassian-user.xml file located in \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/classes/atlassian-user.xml
Comment out all other repositories and use the default confluence user repository
<hibernate name="Hibernate Repository" key="hibernateRepository"&nbsp; description="Hibernate Repository" cache="true"/>
4) Open seraph-config.xml file located in \[CONFLUENCE_HOME_DIR\]/confluence/WEB-INF/classes/seraph-config.xml. Add the following line after commenting the default authenticator tag.
<\!-\- <authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/> \--> <authenticator class="com.atlassian.crowd.integration.seraph.ConfluenceAuthenticator"/>
5) Open crowd.properties file located at \[CONFLUENCE_HOME\]/confluence/WEB-INF/classes/crowd.properties. Set appropriate values for the following attributes
application.password application.name crowd.server.url
6) Restart tomcat.
Honestly talking, I believe you can't leave 2 authenticators in the seraph-config.xml working at the same time. This won't work and I think the application won't come up with this setting.
Anyway, I'll leave the question open so another person might know how to implement this.
Rodrigo is right about the two authenticators. It's not possible to set two authenticators at the same time. However, could you share with us the reason you want to set non-SSO authentication to only some URLs? We may find some alternative to reach your goal.
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.Read more
Hi Community! Kesha (kay-sha) from the Confluence marketing team here! Can you share stories with us on how your non-technical (think Marketing, Sales, HR, legal, etc.) teams are using Confluen...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs