Community
Products
Crowd
Questions
Crowd SSO with 2 instances of Jira -- one behind firewall, one not.

Crowd SSO with 2 instances of Jira -- one behind firewall, one not.

Hi,

Here is what I am trying to do -- I want to run Crowd and one version of Jira behind a firewall, and have a 2nd external version of Jira. Basically the "internal" version of Jira would be for internal customers, and the external version of jira would be for external customers.

I've been able to get SSO to work with crowd internally --- but I am not sure how to approach it when one instance is internal, and the external.

Is this even possible?

If not, what if both Jira instances are behind the firewall, but we have proxies set-up in the DMZ -- could we get then get SSO to work?

Any tips/advice appreciated.

1 answer

1 accepted

0 vote

Are all users within the same directory in Crowd? Since directory id is used as a validation factor when creating the crowd token (the crowd token is used for SSO).

If this is the case, this should be a no-brainer and pretty straight forward. The other issue is that they need to be on the same parent domain, since Crowd uses cookies to provide SSO.

external-jira.mycompany.com

internal-jira.mycompany.com

So there would be a cookie created with the domain of *.mycompany.com

These are probably the two biggest issues that you would need to validate.