Crowd / Shibboleth Module installation

Matt Scales January 16, 2014

Hi,

I downloaded, compiled, and deployed (from the README directions) the Atlassian-recommended Crowd Shibboleth Module listed at https://jira.atlassian.com/browse/CWD-75. At least I think I did, I had to stumble my way through it because there are no real directions.

I can't seem to find any directions for configuring Crowd to use it. I am not sure if I am suppose to add it as a "Delegated Authentication" or "Connector" directory (I don't see any new ones listed for either) or something else?

Maybe this doesn't work for Crowd 2.7 at all?

Any help would be appriciated.

Thanks!

Matt

2 answers

0 votes
John Burrows January 23, 2015

Matt, Any chance you could provide instruction on how to setup SSO in Crowd using the Shib? We use PingFederate SSO, so am wondering if we could utilize same setup to authenticate against that? Thanks, John

0 votes
joe
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 20, 2014

The current development version at GitHub includes a README (README.TXT) with some more details about how to configure it to allow authentication against Crowd. The process involves some editing of configuration files.

Matt Scales January 20, 2014

Thanks for the response. I guess I should have mentioned, I followed those directions too. I am not sure what to do next? My Crowd instance didn't seem to change any? Is there any configuration done via the Crowd gui?

I do have some experience configuring Shib config files, but I am at loss here. Am I supposed to install a shib client in that tomcat instance or something else like that? Other stuff that might be obvious to others. :)

Really all I have done is install Crowd (as a demo), configure it to work with a demo jira instance, and follow the directions in the readme.

Matt Scales January 21, 2014

OK, after a little bit of playing around, I have CROWD working with our Shib (actually ADFS) SSO server. Seems to work fine. I think my missing piece was putting it behind a web server (IIS). I couldn't seem to get it to work with tomcat directly.

John Burrows January 23, 2015

Matt, Any chance you could provide instruction on how to setup SSO in Crowd using the Shib? We use PingFederate SSO, so am wondering if we could utilize same setup to authenticate against that? Thanks, John

Bryan Karsh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 11, 2015

I too would like to see someone explain the full steps. We are trying something similar. One other problem we are facing. How do you handle SAML and non-SAML users? For example, using SAML for internal employees is great. But let's say you are an external customer who is currently authenticating against a local crowd directory? How do they log into jira with their local credentials, and other people use SAML? Is it possible to fail SAML and fall into the other authentication mode? Any tips appreciated. Whether that means getting creative with apache redirects or whatever.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events