Crowd / Shibboleth Module installation

Hi,

I downloaded, compiled, and deployed (from the README directions) the Atlassian-recommended Crowd Shibboleth Module listed at https://jira.atlassian.com/browse/CWD-75. At least I think I did, I had to stumble my way through it because there are no real directions.

I can't seem to find any directions for configuring Crowd to use it. I am not sure if I am suppose to add it as a "Delegated Authentication" or "Connector" directory (I don't see any new ones listed for either) or something else?

Maybe this doesn't work for Crowd 2.7 at all?

Any help would be appriciated.

Thanks!

Matt

2 answers

0 votes

The current development version at GitHub includes a README (README.TXT) with some more details about how to configure it to allow authentication against Crowd. The process involves some editing of configuration files.

Thanks for the response. I guess I should have mentioned, I followed those directions too. I am not sure what to do next? My Crowd instance didn't seem to change any? Is there any configuration done via the Crowd gui?

I do have some experience configuring Shib config files, but I am at loss here. Am I supposed to install a shib client in that tomcat instance or something else like that? Other stuff that might be obvious to others. :)

Really all I have done is install Crowd (as a demo), configure it to work with a demo jira instance, and follow the directions in the readme.

OK, after a little bit of playing around, I have CROWD working with our Shib (actually ADFS) SSO server. Seems to work fine. I think my missing piece was putting it behind a web server (IIS). I couldn't seem to get it to work with tomcat directly.

Matt, Any chance you could provide instruction on how to setup SSO in Crowd using the Shib? We use PingFederate SSO, so am wondering if we could utilize same setup to authenticate against that? Thanks, John

I too would like to see someone explain the full steps. We are trying something similar. One other problem we are facing. How do you handle SAML and non-SAML users? For example, using SAML for internal employees is great. But let's say you are an external customer who is currently authenticating against a local crowd directory? How do they log into jira with their local credentials, and other people use SAML? Is it possible to fail SAML and fall into the other authentication mode? Any tips appreciated. Whether that means getting creative with apache redirects or whatever.

Matt, Any chance you could provide instruction on how to setup SSO in Crowd using the Shib? We use PingFederate SSO, so am wondering if we could utilize same setup to authenticate against that? Thanks, John

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Dec 10, 2018 in Confluence

Organizing your space just got easier - Page Tree Drag & Drop is here

Hi Community! I’m Elaine, Confluence Product Manager. You may have read my earlier post about page tree in space navigation sidebar. I'm excited to share another improvement that helps you organize ...

212 views 6 8
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you