Crowd and Confluence SSO configuration

Hi There,

Just finished installing new setup of both Confluence 5.10.1 and Crowd 2.9.1  They are running on a Windows Server 2008 and got Confluence users authenticating to with Crowd Delegated directory.

Next step I need to enable SSO and this is where I am getting stuck.  I've followed this instructions

https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+Confluence

They do not work in our case.  Given our environment is Windows do we need to have the NTLM plugin?  if so, what is the recommended NYLM plugin given the one in the Crowd pages is no longer available.

https://confluence.atlassian.com/display/CROWD/Configuring+Confluence+for+NTLM+SSO

Which is the best approach?  and any ideas how I can workout what I did wrong.

Thanks

 

1 answer

1 accepted

0 vote
Bruno Vincent Community Champion Aug 04, 2016

Hi Gerald,

Well, you might have forgotten to edit the seraph-config.xml file as detailed in step 2.2 of the instructions you are referring to. This is a very common mistake when configuring Crowd SSO for Confluence and Jira.

But as far as I can read from your question, you might also misunderstand what Crowd SSO actually provides. Crowd SSO provides Web SSO between all your web applications using Crowd for user management, for instance Jira, Confluence, Bamboo etc. That means that once a user has logged onto - let's say - Confluence after entering his username/password, he will not have to authenticate again on Jira, Bamboo etc. Since you are mentioning the NTLM plugin, I think that you want Windows Desktop SSO, which means that you want your users to be automatically authenticated on Confluence, Jira, Bamboo etc. once they have logged onto their Windows workstation. If this is actually what you want, you will need a plugin in addition to Crowd. There are many Kerberos plugins available on the Atlassian Marketplace. As my company developed one of them, please allow me to suggest you to try for free the IWAAC plugin (Integrated Windows Authentication for Apps using Crowd):

https://marketplace.atlassian.com/plugins/com.cleito.iwaac/server/overview

Best regards,

Bruno

Thanks Bruno your explanation made sense and I now understand what I am doing wrong.  Yes, I did configure the seraph-config.xml and that could be working fine but given that I am only using one service I cannot test it.

But you are right - what we really want is integrating the Windows login to Crowd and will certainly look at your product.

Have a great weekend

Gerald

Suggest an answer

Log in or Join to answer
Community showcase
Teodora [Botron]
Published Feb 15, 2018 in Marketplace Apps

Jira Inferno: The Nine Circles of Jira Administration Hell

If you spend enough time as a Jira admin - whether you are managing a single, mid-sized instance, a large enterprise one or juggling multiple instances at once - you will eventually find yourself in ...

1,196 views 6 19
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot