Recently I've installed Crowd as SSO solution authentication for Jira, Confluence, Bitbucket and Bamboo (all services running on the same machine - Windows Server 2012 R2). After installing Crowd I am struggeling to login intop my other Atlassian instances. I always get the error like "The login credentials given are incorrect.". I started setup Crowd's directory, user groups and user. But in case to add an application, I have to configure the other Atlaissians applications (e.g. Jira) to use Crows as identity provider, too. Right this step fails because I cannot logon into the other servies anymore. I've also tried to reset the Jira users password via mysql database (like described in Atlassian Support Documentation Jira: Retrieving the JIRA Administrator). On setup of Crowd, I followed the ionstructions given in Atlassian Crowd's documentation (https://confluence.atlassian.com/crowd/integrating-crowd-with-atlassian-jira-192625.html); I've got stuck on Step 2.
Can someone please help to to explain how to regain access to my running atlassian services?
Thank you very much in advance!
Sincerely
Kevin
Hi @Kevin Kirchhof,
You've mentioned that you've got stuck at step 2. I assume that you've configured Crowd directory in Jira and changed the seraph-config.xml already?
Can you tell me how does your configuration look like in Crowd? you are trying to login to Jira with a user that previously was able to login, is this user available in Crowd in the directory connected to Jira app in Crowd?
Best Regards,
Marcin Kempa
Hi @Marcin Kempa,
unfortunately not. I only was able to setup Crowd, so I just was able to setup a directory for Jira in Crowd. But on setting up Jira, I am not able anymore to login to my old user account. I've used Jira as authentication storage, so the other Atlassian instances took the authentication information from Jira.
I haven't setup any seraph-config.xml. I'll go for it an report the news soon. Was that file annotated in the documentation?
Thank you very much und best regard,
Kevin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Marcin Kempa,
suddenly I've missed to configure the further steps - so it was just my mistake, because I had not finished the setup of Crowd. I finilized the last steps configuring the connection between Crowd('s directories) and Jira and am now trying to login again. Updates will follow...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Marcin Kempa,
Now I have fulfilled the missing steps, setting up Crowd and a further Atlassian instance (e.g. Jira). But still I am not able to login, though the user I use for authentication is authorized in Crowd's directory, Jira uses to authenticate user.
Is there maybe a problem, because my new username in Crowd is the same as I've used for Jira before?
Thanks,
Kevin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Marcin Kempa,
I tried to simply shutdown Crowd Server and restartet e.g. Bitbucket Server, now the authentication against the old user repository of their realted atlassian instances works again.
How could it be, that if I run Crowd and have set the necessary steps to setup other atlassian instaces to integrate them, that thex cannot authenticate?
Is the issue propably realted to the fact, that the other atlassian instaces are running behind a proxy, so that their base_url is not like "localhost:<Application-Port", but "application.my-domain.tld"?
Thank you very much in advance.
Sincerely Kevin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
As I understand your setup looks like that:
You have one Crowd instance and other Atlassian applications that are connected to it (i.e. Bitbucket Server). You've configured Bitbucket Server to use SSO with Crowd, however you have some problems with logging in. As I understand you cannot login to Bitbucket Server when it is connected to Crowd and it is not about SSO with other products not working once you are logged in?
Is that the case? What kind of error are you getting? Are there any errors in your log files?
Since you've mentioned that your products are running behind the proxy, I believe you will need to also follow those instructions https://confluence.atlassian.com/crowd/configuring-trusted-proxy-servers-158107219.html.
If that does not help, we can open a support ticket for you when you could provide your logs so it would be easier for us to investigate.
Best Regards,
Marcin Kempa
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Marcin Kempa,
I've got my system up to the point where I am able to login e.g. to Jira but from my local connector (e.g. http://localhost:8080). If I try to authenticate against the same application from proxied site (eg https://application.my-domain.tld) then the authentication request is reject.
In the special case of Jira, the logs are writing a http respone with status code 500 (actually I am just guessin that this log entry stands for the http status code). The log entry is as follows
0:0:0:0:0:0:0:1 736x57x1 - [19/May/2018:12:17:14 +0200] "POST /rest/gadget/1.0/login HTTP/1.1" 500 35532 40576 "https://application.my-domain.tld/secure/Dashboard.jspa" "Mozilla/5.0 (iPad; CPU OS 11_2_6 like Mac OS X) AppleWebKit/604.5.6 (KHTML, like Gecko) Version/11.0 Mobile/15D100 Safari/604.1" "12ddak7"
I have set the ip-address as well the proxy name of the application as "trusted proxy" in Crowd. But it seems as if Jira's connection to Crowd is having problems due incorrect proxy recognition, maybe.
Are there any related issues known already? Du you have an suggestion for me to look for?
Thanks in advance,
Kevin
Update:
In addition maybe its useful to say, that I have set up the connection between the applications and Crowd via the local connector, eg http://localhost:8095/[crowd[/console]].
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.