Hi there,
I want to login into confluence 6.8 from my web application without password
actually, I need to login into confluence by username only
I can get the user token from rest api but when i put the user token in cookie and return back to confluence , nothing happened
I have integrated confluence with Crowd and I have activated the SSO but I don't know how can I use crown in my web application ??
Is there any easy solution to login ???
My email address : hamedhatami2012@gmail.com
Regards,
Hamed Hatami
This is a snipet of code to getting token from crowd and then I should goto confluence or jira from inside of my web application that is based on Java EE 7 :
public static String getToken(String propertyName, String username, String password) throws Exception {
String token = "";
Properties crowd_props = new Properties();
crowd_props.load(CrowdClientUtil.class.getClassLoader().getResourceAsStream("/" + propertyName.trim()));
ClientProperties clientProperties = ClientPropertiesImpl.newInstanceFromProperties(crowd_props);
CrowdClient crowdClient = new com.atlassian.crowd.integration.rest.service.factory.RestCrowdClientFactory().newInstance(clientProperties);
/* CrowdHttpAuthenticator crowdHttpAuthenticator = new CrowdHttpAuthenticatorImpl(crowdClient,
clientProperties,
CrowdHttpTokenHelperImpl.getInstance(
CrowdHttpValidationFactorExtractorImpl.getInstance()));*/
UserAuthenticationContext userAuthenticationContext = new UserAuthenticationContext();
userAuthenticationContext.setName(username);
userAuthenticationContext.setCredential(new PasswordCredential(password, false));
ValidationFactor[] factors = new ValidationFactor[]{
new ValidationFactor("remote_address", "127.0.0.1"),
new ValidationFactor("X-Forwarded-For", clientProperties.getApplicationAuthenticationURL())
};
userAuthenticationContext.setValidationFactors(factors);
userAuthenticationContext.setApplication(clientProperties.getApplicationName());
token = crowdClient.authenticateSSOUserWithoutValidatingPassword(userAuthenticationContext);
return token;
}
Please send me a snipet of java code that can connect and then redirect to confluence or jira with using crowd sso ability from third-party application
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
String token = CrowdClientUtil.getToken("confluence.properties", username, "");
FacesContext facesContext = FacesContext.getCurrentInstance();
ExternalContext externalContext = facesContext.getExternalContext();
Date expdate = new Date();
expdate.setTime(expdate.getTime() + (3600 * 1000));
DateFormat df = new SimpleDateFormat("EEE, dd-MMM-yyyy HH:mm:ss zzz");
df.setTimeZone(TimeZone.getTimeZone("GMT"));
//crowd.token_key
externalContext.setResponseHeader("Set-Cookie", "seraph.confluence=" + token.trim() + "; Expires=" + df.format(expdate) + "; Max-Age=2592000; Domain=127.0.0.1; Path=/; Secure; HttpOnly");
externalContext.redirect(Configuration.getProperty("base_url") + "/" + Configuration.getProperty("login_page").trim());
externalContext.invalidateSession();
facesContext.responseComplete();
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
This is my confluence.properties
application.name confapp
application.password 123456
application.login.url http://localhost:8090
crowd.server.url http://localhost:8095/crowd/services/
crowd.base.url http://localhost:8095/crowd/
session.isauthenticated session.isauthenticated
session.tokenkey session.tokenkey
session.validationinterval 2
session.lastvalidation session.lastvalidation
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If you would like to enable the web application to talk to Crowd. You will need to create it as a Crowd Client. You can have a look at the knowledge base below on how you may be able to do it.
Once you have a talking communication between Crowd and web application.
Ensure that you insert the web application URL to Confluence whitelist by following the guide below.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Thanks for your reply
Actually, I have integrated Crowd's (users and groups) with Confluence and Jira but one of my important requirements was to use crowd as SSO center and my web application should redirect to confluence/jira pages without login ???
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
As Kenny said already, you need to make your application be a client for Crowd.
The way SSO works is that when you log into ONE application, that application
Any other application in the set will do the same, but they all need to be set up as SSO clients that understand those tokens and use them to authenticate people with Crowd.
So. Your web-application needs to be a client for Crowd so it can create those tokens for logging into other systems (without passwords)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
As a matter of fact, my web application is a client of crowd and I can get token from crowd but I need an exact example of parameter should set into confluence url to authenticated correctly, and directly goes to confluence in my web application response
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
There s no "parameter should set into confluence url". That is not how it works.
Your application needs to construct the token that Atlassian applications ask your browser for in the same way that they do. My guess is that although you may have got the basic Crowd login working in your application, it is not yet creating the SSO tokens.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have changed the seraph-config.xml to work with sso authenticator instead of simple authenticator and in crowd, I have created some users snd groups that have permission to specific directory and import jira and confluence users snd groups into crowd and set the correct access to them and also I have done everything about integration between crowd and confluence and jira from scratch thus now I need to login as SSO like to crowd and then I could go directly and without second ligin to confluence so this is the story, at the end I should do all of these efforts from my web application and programmatically
and if there is a unique help or document that step by step learn sbout how to do that , Plesse send me and let me know about how to do that because I get stuck in setup and configure of the sso between atlassian products and after that sbility to use crowd sso to login without password (by token) programmatically to confluence and jira
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have changed the "seraph-config.xml" file in (confluence and jira) side to use sso authenticator instead of simple authenticator and then I have created many users and groups with specific access rights to a specific directory in crowd side and import the users and groups from (confluence and jira) into crowd and in (confluence and jira), I have set the correct groups and users into specific user directory and WhiteList has been created too although I have created application link to connect all of them together so I need connect as sso like into crowd and then go to confluence or jira without login (token-based) easily and actually do everything from my web application programmatically and I should have access to crowd from my web application by client api or rest invocation and then with some doing task that you should specify for me , i should go directly into confluence or jira,
I have read the documents of crowd and confluence / jira and there is not step by step and clear document about how to exactly configured or there is not an clear example on github ....
I have got stucked in this problem and I need to give me a hand ASAP.
Thanks in advance
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
This is a snipet of code to getting token from crowd and then I should goto confluence or jira from inside of my web application that is based on Java EE 7 :
public static String getToken(String propertyName, String username, String password) throws Exception {
String token = "";
Properties crowd_props = new Properties();
crowd_props.load(CrowdClientUtil.class.getClassLoader().getResourceAsStream("/" + propertyName.trim()));
ClientProperties clientProperties = ClientPropertiesImpl.newInstanceFromProperties(crowd_props);
CrowdClient crowdClient = new com.atlassian.crowd.integration.rest.service.factory.RestCrowdClientFactory().newInstance(clientProperties);
/* CrowdHttpAuthenticator crowdHttpAuthenticator = new CrowdHttpAuthenticatorImpl(crowdClient,
clientProperties,
CrowdHttpTokenHelperImpl.getInstance(
CrowdHttpValidationFactorExtractorImpl.getInstance()));*/
UserAuthenticationContext userAuthenticationContext = new UserAuthenticationContext();
userAuthenticationContext.setName(username);
userAuthenticationContext.setCredential(new PasswordCredential(password, false));
ValidationFactor[] factors = new ValidationFactor[]{
new ValidationFactor("remote_address", "127.0.0.1"),
new ValidationFactor("X-Forwarded-For", clientProperties.getApplicationAuthenticationURL())
};
userAuthenticationContext.setValidationFactors(factors);
userAuthenticationContext.setApplication(clientProperties.getApplicationName());
token = crowdClient.authenticateSSOUserWithoutValidatingPassword(userAuthenticationContext);
return token;
}
Actually I also have crowd.property file in my web application and client crowd jar file to access
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
String token = CrowdClientUtil.getToken("confluence.properties", username, "");
FacesContext facesContext = FacesContext.getCurrentInstance();
ExternalContext externalContext = facesContext.getExternalContext();
Date expdate = new Date();
expdate.setTime(expdate.getTime() + (3600 * 1000));
DateFormat df = new SimpleDateFormat("EEE, dd-MMM-yyyy HH:mm:ss zzz");
df.setTimeZone(TimeZone.getTimeZone("GMT"));
//crowd.token_key
externalContext.setResponseHeader("Set-Cookie", "seraph.confluence=" + token.trim() + "; Expires=" + df.format(expdate) + "; Max-Age=2592000; Domain=127.0.0.1; Path=/; Secure; HttpOnly");
externalContext.redirect(Configuration.getProperty("base_url") + "/" + Configuration.getProperty("login_page").trim());
externalContext.invalidateSession();
facesContext.responseComplete();
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
This is my confluence.properties
application.name confapp
application.password 123456
application.login.url http://localhost:8090
crowd.server.url http://localhost:8095/crowd/services/
crowd.base.url http://localhost:8095/crowd/
session.isauthenticated session.isauthenticated
session.tokenkey session.tokenkey
session.validationinterval 2
session.lastvalidation session.lastvalidation
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.