Crowd / Shibboleth Module installation

Hi,

I downloaded, compiled, and deployed (from the README directions) the Atlassian-recommended Crowd Shibboleth Module listed at https://jira.atlassian.com/browse/CWD-75. At least I think I did, I had to stumble my way through it because there are no real directions.

I can't seem to find any directions for configuring Crowd to use it. I am not sure if I am suppose to add it as a "Delegated Authentication" or "Connector" directory (I don't see any new ones listed for either) or something else?

Maybe this doesn't work for Crowd 2.7 at all?

Any help would be appriciated.

Thanks!

Matt

2 answers

The current development version at GitHub includes a README (README.TXT) with some more details about how to configure it to allow authentication against Crowd. The process involves some editing of configuration files.

Thanks for the response. I guess I should have mentioned, I followed those directions too. I am not sure what to do next? My Crowd instance didn't seem to change any? Is there any configuration done via the Crowd gui?

I do have some experience configuring Shib config files, but I am at loss here. Am I supposed to install a shib client in that tomcat instance or something else like that? Other stuff that might be obvious to others. :)

Really all I have done is install Crowd (as a demo), configure it to work with a demo jira instance, and follow the directions in the readme.

OK, after a little bit of playing around, I have CROWD working with our Shib (actually ADFS) SSO server. Seems to work fine. I think my missing piece was putting it behind a web server (IIS). I couldn't seem to get it to work with tomcat directly.

Matt, Any chance you could provide instruction on how to setup SSO in Crowd using the Shib? We use PingFederate SSO, so am wondering if we could utilize same setup to authenticate against that? Thanks, John

I too would like to see someone explain the full steps. We are trying something similar. One other problem we are facing. How do you handle SAML and non-SAML users? For example, using SAML for internal employees is great. But let's say you are an external customer who is currently authenticating against a local crowd directory? How do they log into jira with their local credentials, and other people use SAML? Is it possible to fail SAML and fall into the other authentication mode? Any tips appreciated. Whether that means getting creative with apache redirects or whatever.

Matt, Any chance you could provide instruction on how to setup SSO in Crowd using the Shib? We use PingFederate SSO, so am wondering if we could utilize same setup to authenticate against that? Thanks, John

Suggest an answer

Log in or Join to answer
Community showcase
Emilee Spencer
Published yesterday in Marketplace Apps

Marketplace Spotlight: DeepAffects

Hello Atlassian Community! My name is Emilee, and I’m a Product Marketing Manager for the Marketplace team. Starting with this post, I'm kicking off a monthly series of Spotlights to highlight Ma...

44 views 0 3
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot