Hello, I've been searching (fruitlessly) for a way to implement the following requirements:
JIRA and Confluence using Apache Reverse Proxy
JIRA and Confluence using Shibboleth SSO for user requests
JIRA and Confluence Application Links working properly
The root of my problem seems to be that app links require use of the BASE URL, which in my case would be a Shibboleth Protected URL. I've been attempting to open up other ports, either directly in Tomcat or through Apache Reverse Proxy, and those ports work fine if I hit them directly with a browser, but Application Links cannot be configured with these ports (it simply overwrites them with the base URL while creating the link).
In summary, I can get Applinks + reverse proxy working, or Shibboleth and reverse proxy working, but it seems impossible to get them all working simultaneously. IF anyone has this working, i'd appreciate some general advice on how to set it up. To be clear: all communication between JIRA and confluence using Applinks should not be protected by shibboleth. Because of this i've been attempting to set up a separate virtual host in apache to handle this communication. The problem is that we need to make all of this traffic hit the application via the BASE URL.
I worked around the issue (For now) by not requiring a shibboleth session for access against the base JIRA url. This allows users to direct login to JIRA using the dashboard login gadget, or they can click the login link which goes to our IDP. My other solution to this issue was to set up a second virtual host (which was not shibboleth protected) and use IPTables to reroute any traffic from the confluence server which was inbound for 80/443. I also found that Adaptavist (Atlassian Expert) has a plugin which handles Auth called Umbrella, but i have not installed or tested that software yet.
Thanks Jason. We would need to have the login URL set to shibboleth.
Did you use the HTTP remote authenticator plugin in JIRA? We tried to add a second virtual host but the plugin redirects to Shibboleth when setting up an application link. Not quite sure at this point how we could bypass the redirect.
Hi my Community friends! For those who don't know me, I'm a product marketer on the Confluence Cloud team - nice to meet you! For those of you who do, you know that I've been all up in your Co...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs