Hi,
I downloaded, compiled, and deployed (from the README directions) the Atlassian-recommended Crowd Shibboleth Module listed at https://jira.atlassian.com/browse/CWD-75. At least I think I did, I had to stumble my way through it because there are no real directions.
I can't seem to find any directions for configuring Crowd to use it. I am not sure if I am suppose to add it as a "Delegated Authentication" or "Connector" directory (I don't see any new ones listed for either) or something else?
Maybe this doesn't work for Crowd 2.7 at all?
Any help would be appriciated.
Thanks!
Matt
Matt, Any chance you could provide instruction on how to setup SSO in Crowd using the Shib? We use PingFederate SSO, so am wondering if we could utilize same setup to authenticate against that? Thanks, John
The current development version at GitHub includes a README (README.TXT) with some more details about how to configure it to allow authentication against Crowd. The process involves some editing of configuration files.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for the response. I guess I should have mentioned, I followed those directions too. I am not sure what to do next? My Crowd instance didn't seem to change any? Is there any configuration done via the Crowd gui?
I do have some experience configuring Shib config files, but I am at loss here. Am I supposed to install a shib client in that tomcat instance or something else like that? Other stuff that might be obvious to others. :)
Really all I have done is install Crowd (as a demo), configure it to work with a demo jira instance, and follow the directions in the readme.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
OK, after a little bit of playing around, I have CROWD working with our Shib (actually ADFS) SSO server. Seems to work fine. I think my missing piece was putting it behind a web server (IIS). I couldn't seem to get it to work with tomcat directly.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Matt, Any chance you could provide instruction on how to setup SSO in Crowd using the Shib? We use PingFederate SSO, so am wondering if we could utilize same setup to authenticate against that? Thanks, John
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I too would like to see someone explain the full steps. We are trying something similar. One other problem we are facing. How do you handle SAML and non-SAML users? For example, using SAML for internal employees is great. But let's say you are an external customer who is currently authenticating against a local crowd directory? How do they log into jira with their local credentials, and other people use SAML? Is it possible to fail SAML and fall into the other authentication mode? Any tips appreciated. Whether that means getting creative with apache redirects or whatever.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.