I am working on a custom authentication solution for our Atlassian installation. I have modified the login.url and the link.login.url init-params in the seraph-config.xml to point to our authentication service. After the user has authenticated to our external system, I am unable to add the user (Principal) to the session in a way that Confluence recognizes that the user is authenticated. This causes a loop between Confluence and the authentication system resulting in a redirect loop error message in the browser.
I am using the Atlassian refapp for my plugin because I would like to apply this plugin to Jira, Confluence, Stash and Bamboo. After successfully logging in via the custom authentication solution and looking up the user in the UserProfile privded by the Atlassian UserManager:
UserProfile userProfile = userManager.getUserProfile(uid); final String jiraUsername = userProfile.getUsername();
I attempt to add the user (Principal) to the session with the following code:
request.getSession().setAttribute(ConfluenceAuthenticator.LOGGED_IN_KEY, principal); request.getSession().setAttribute(ConfluenceAuthenticator.LOGGED_OUT_KEY, null);
Pretty much the same code works for Jira (using DefaultAuthenticator instead of ConfluenceAuthenticator). Is there something else I need to do to get Confluence to recognize the authenticated user?
I never used a UserProfile for that, just take a ConfluenceUser. and maybe this one helps:
Just use the Confluence(GroupJoining)Authenticator instead of the DefaultAuthenticator
And I think those two lines might help
authoriseUserAndEstablishSession(request, response, user); getElevatedSecurityGuard().onSuccessfulLoginAttempt(request, user.getName());
Atlassian Summit is an excellent opportunity for in-person support, training, and networking.Learn more
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG