Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

SSO not working

GregS
GregS
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 29, 2012

I followed the directions at https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+Confluence to set up SSO. The Crowd directory is visible and works within Confluence just fine, and I have disabled Confluence's built-in directory: Logging into Confluence using Crowd accounts works great. No problems there! However, when I get to step 2.2 and switch to the CrowdAuthenticator in seraph-config.xml and modify crowd.properties in /confluence/WEB-INF/classes/crowd.properties to the following, I am unable to log into my Confluence application:

#Fri Nov 16 15:01:18 CST 2012

session.lastvalidation=session.lastvalidation

# changed to application password as defined in Crowd

application.password=PASSWORD_4_APPLICATION

session.isauthenticated=session.isauthenticated

# application name as defined in Crowd

application.name=cvconfluence

crowd.server.url=https ://host_name.ahc.umn.edu :8443/crowd/services/

# added per directions

crowd.base.url=https ://localhost:8443/crowd/

session.validationinterval=0

session.tokenkey=session.tokenkey

application.login.url=https ://host_name.ahc.umn.edu :8443/crowd

I am getting an error of 2012-11-30 12:39:28,841 WARN http-8443-7 atlassian.seraph.auth.DefaultAuthenticator login login : 'gms' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.

2012-11-30 12:39:40,509 WARN http-8443-7 atlassian.seraph.auth.DefaultAuthenticator login login : 'gms' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.

2012-11-30 12:40:03,173 WARN http-8443-7 atlassian.seraph.auth.DefaultAuthenticator login login : 'confuser' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.

Please let me know why this does not work. The directions are pretty clear.

Thanks!

Answer
Watch
Like Be the first to like this
2360 views

5 answers

1 accepted

1 vote
Answer accepted
GregS
GregS
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 9, 2013

Thje problem for me ended up being use of inconsistent URL in my crowd.properties file. That fixed it just fine.

View More Comments
loyx
loyx September 24, 2013

I had exactly the same error. And double (and triple) checking the URL's on crowd.properties solved it! Thanks!

Like
Anand Unadkat
Anand Unadkat
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 16, 2014

what was the problem with the URL? I am facing the same issue. Also what did you use for you URL? Which URL did you have to change?

Thanks

Like
GregS
GregS
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 16, 2014

If you look at the config above, the reference to the Crowd base was to localhost, while the Crowd server was to the actual canonical form of the URL.

Greg--

Like
Joel Holmberg1
Joel Holmberg May 22, 2014

And wich one did you choose? Please give an example of what actually worked for you.

Like
Reply
2 votes
Daniel Borcherding
Daniel Borcherding
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 30, 2012

Hello Greg,

Are you sure that your user is part of a group that has USE permissions inside Confluence?

If you take a look at the document we recommend that the user be placed inside the confluence-users or confluence-administrators group within Crowd. This ensures that they are inside default groups in Confluence.

Also within Confluence we want to make sure that the Crowd User Directory is placed first in the List of directories. If there is a gms user in the Confluence internal, or any other direcotry that is not part of the a permitted groups in Confluence you could be seeing this error.

Those would be the first places I would look. We can dig a bit deeper if necessary.

View More Comments
GregS
GregS
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 30, 2012

Hi Daniel,

Just checked my Crowd users, and user gms is definitely in groups that have USE permissions, in particular, I added it to both confluence-users and confluence-admin groups.

However, in Confluence, the Crowd user directory is not first in the list. That being said, gms is not a member of the Confluence directory, just Crowd (see below for user output from the Confluence user console). In any case I can try switching the order of the directories, if you think that would make a difference.

<label class="label">User:</label> gms
<label class="label">Full Name:</label> Greg M Silverman
<label class="label">Email:</label>
<label class="label">Directory:</label> Crowd Server
<label class="label">Created:</label> Nov 28, 2012 13:15
<label class="label">Last Updated:</label> Nov 30, 2012 10:48
<label class="label">Login:</label> Last Login: Nov 30, 2012 17:16Last Failed Login: Nov 30, 2012 12:39Total Failed Login Count: 4Current Failed Login Count: 0
<label class="label">Groups:</label> confluence-administrators
confluence-users
crowd-administrators

Thanks!

Greg--

Like
Daniel Borcherding
Daniel Borcherding
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 11, 2012

Greg,

Sorry now just getting back to this issue. The direcotry order would only matter if the user gms was in the directory listed above the crowd directory. As gms is not a member of the Confluence internal directory this should not matter.

The formatting on your post above is a little heard to read. Is this from your Crowd or Confluence interface? Are you able to take a screen shot of the page?

Like
Reply
0 votes
Duong-Thanh Ngu
Duong-Thanh Nguyen May 4, 2013

I have the same problem when tried upgrading confluence from 2.8.1 to 5.1.2.

The problem by me was the confluence-administrators and confluence-users group haven't been migrated ( the problem started from version 3.5.x)

I followed the workaround described in https://confluence.atlassian.com/display/DOC/Restoring+Passwords+To+Recover+Admin+User+Rights

  • Create "admin" user
  • Login as "admin" use UI to setup connection to Crowd as Dennis mentioned.
  • After all i deleted "admin" user.
Reply
0 votes
Dennis Newel
Dennis Newel December 11, 2012

just to update: i chose to simply dump my old crowd configuration files, use the one local confluence user i had and just used the UI to setup the connection to Crowd...

Reply
0 votes
Dennis Newel
Dennis Newel December 5, 2012

I'm seeing the same thing during an upgrade and it looks more like Confluence not being able to connect to Crowd than anything else. I'm at a loss as to why as i've re-used the various settings from the old install (3.4) which has no issues connecting.

There are also no errors or anything in the crowd log files...

View More Comments
Dennis Newel
Dennis Newel December 11, 2012

just to update: i chose to simply dump my old crowd configuration files, use the one local confluence user i had and just used the UI to setup the connection to Crowd...
Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events