I am trying to include content from an external web application, the visualisation part of our monitoring system (http://www.nagvis.org/) This site runs over https and uses basic authentication. Not all users of the wiki that will need to see this page have accounts on the NagVis system, so what I would like to do is have the confluence displayed pages use a specifc user. The SSL certificate is a public one, not self signed
I'm not sure of the best way to achieve this in Confluence. I have tried the HTML Include macro, but this doesn't seem to have any where to enter the user credentials. I've tried the https://user:firstname.lastname@example.org/ format, but this comes back with a Page Not Permitted error.
I've also tried to use the iframe plugin, but as this goes direct from the client, it pops up the username/password box, or if I try the user:pass@ format that only works for the initial page call, and then the usual authentication box for the subsequent requests (in Firefox at least)
So does anyone have any suggestions, I would have thought that this is a reasonbly common requirement
I'm curious to see what you come up with for this. I recently had a similar requirement. Rather than include the HTML inside the confluence site, we decided to just protect the HTML pages with Confluence's security system, and let users browse the pages of the external site (as long as they were logged into Confluence).
I've got what I was trying to do working, but it's not very elegant. What I've come up with is to create another web site (old site name with -public on the end - site-public.example.com), that is proxied through Apache, and that injects the view-only authentication HTTP header into the requests to the original site. Then I use the iframe macro to insert a frame containing the new site address, and it all works. Currently we've set this up so it only works internally within our network, which isn't ideal, but is better than nothing.
For your solution, how have you protected the HTML pages with Confluence's security? For us the other app is dynamic and has it's own security, having an SSO into Confluence would be good.
I use the Seraph authentication scheme, which is also used by Confluence's admin console. I blogged about it here: http://www.confluenza.com/2013/01/04/protect-static-html-pages-using-crowd-and-confluence/
Apologies for the self-promoting link.
Want to see your team or company’s name featured ✨on our new Confluence Template Gallery? We’re looking for valued customers to share the stories behind what makes their team special and what they do...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events