Crowd SSO with 2 instances of Jira -- one behind firewall, one not.

Bryan Karsh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 25, 2012

Hi,

Here is what I am trying to do -- I want to run Crowd and one version of Jira behind a firewall, and have a 2nd external version of Jira. Basically the "internal" version of Jira would be for internal customers, and the external version of jira would be for external customers.

I've been able to get SSO to work with crowd internally --- but I am not sure how to approach it when one instance is internal, and the external.

Is this even possible?

If not, what if both Jira instances are behind the firewall, but we have proxies set-up in the DMZ -- could we get then get SSO to work?

Any tips/advice appreciated.

1 answer

1 accepted

0 votes
Answer accepted
JustinK
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 25, 2012

Are all users within the same directory in Crowd? Since directory id is used as a validation factor when creating the crowd token (the crowd token is used for SSO).

If this is the case, this should be a no-brainer and pretty straight forward. The other issue is that they need to be on the same parent domain, since Crowd uses cookies to provide SSO.

external-jira.mycompany.com

internal-jira.mycompany.com

So there would be a cookie created with the domain of *.mycompany.com

These are probably the two biggest issues that you would need to validate.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events