Crowd SSO with 2 instances of Jira -- one behind firewall, one not.


Here is what I am trying to do -- I want to run Crowd and one version of Jira behind a firewall, and have a 2nd external version of Jira. Basically the "internal" version of Jira would be for internal customers, and the external version of jira would be for external customers.

I've been able to get SSO to work with crowd internally --- but I am not sure how to approach it when one instance is internal, and the external.

Is this even possible?

If not, what if both Jira instances are behind the firewall, but we have proxies set-up in the DMZ -- could we get then get SSO to work?

Any tips/advice appreciated.

1 answer

1 accepted

0 votes
Answer accepted

Are all users within the same directory in Crowd? Since directory id is used as a validation factor when creating the crowd token (the crowd token is used for SSO).

If this is the case, this should be a no-brainer and pretty straight forward. The other issue is that they need to be on the same parent domain, since Crowd uses cookies to provide SSO.

So there would be a cookie created with the domain of *

These are probably the two biggest issues that you would need to validate.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Thursday in Jira

Updates to give you visibility into what's coming in Jira Server and Data Center

Hello, Community! My name is Gosia and I'm a Product Manager on Jira Server and Data Center here at Atlassian. Since 2002 when we launched our public issue tracker, jira.atlass...

265 views 1 10
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you