Problem with Confluence, Seraph and a custom SSO

I am working on a custom authentication solution for our Atlassian installation. I have modified the login.url and the link.login.url init-params in the seraph-config.xml to point to our authentication service. After the user has authenticated to our external system, I am unable to add the user (Principal) to the session in a way that Confluence recognizes that the user is authenticated. This causes a loop between Confluence and the authentication system resulting in a redirect loop error message in the browser.

I am using the Atlassian refapp for my plugin because I would like to apply this plugin to Jira, Confluence, Stash and Bamboo. After successfully logging in via the custom authentication solution and looking up the user in the UserProfile privded by the Atlassian UserManager:

UserProfile userProfile = userManager.getUserProfile(uid);

final String jiraUsername = userProfile.getUsername();

I attempt to add the user (Principal) to the session with the following code:

request.getSession().setAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY, principal);

request.getSession().setAttribute(ConfluenceAuthenticator.LOGGED_OUT_KEY, null);

Pretty much the same code works for Jira (using DefaultAuthenticator instead of ConfluenceAuthenticator). Is there something else I need to do to get Confluence to recognize the authenticated user?

1 answer

1 accepted

Hi Lloyd,

I never used a UserProfile for that, just take a ConfluenceUser. and maybe this one helps:

https://docs.atlassian.com/atlassian-seraph/latest/sso.html

Just use the Confluence(GroupJoining)Authenticator instead of the DefaultAuthenticator

And I think those two lines might help

authoriseUserAndEstablishSession(request, response, user);
 getElevatedSecurityGuard().onSuccessfulLoginAttempt(request, user.getName());

Regards

Steve

Thanks Steve! This tip pointed me in the right direction and I was able to resolve my issue.

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Asked May 24, 2018 in Confluence

What are the resources that you use to learn more about Atlassian Products?

I am gathering information about resources available for Atlassian product knowledge transferring for a presentation in our local Atlassian User Group. I want to group them in four categories From ...

604 views 18 16
View question

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you