Crowd and Confluence SSO configuration

Gerald Jimenez August 4, 2016

Hi There,

Just finished installing new setup of both Confluence 5.10.1 and Crowd 2.9.1  They are running on a Windows Server 2008 and got Confluence users authenticating to with Crowd Delegated directory.

Next step I need to enable SSO and this is where I am getting stuck.  I've followed this instructions

https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+Confluence

They do not work in our case.  Given our environment is Windows do we need to have the NTLM plugin?  if so, what is the recommended NYLM plugin given the one in the Crowd pages is no longer available.

https://confluence.atlassian.com/display/CROWD/Configuring+Confluence+for+NTLM+SSO

Which is the best approach?  and any ideas how I can workout what I did wrong.

Thanks

 

1 answer

1 accepted

0 votes
Answer accepted
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 4, 2016

Hi Gerald,

Well, you might have forgotten to edit the seraph-config.xml file as detailed in step 2.2 of the instructions you are referring to. This is a very common mistake when configuring Crowd SSO for Confluence and Jira.

But as far as I can read from your question, you might also misunderstand what Crowd SSO actually provides. Crowd SSO provides Web SSO between all your web applications using Crowd for user management, for instance Jira, Confluence, Bamboo etc. That means that once a user has logged onto - let's say - Confluence after entering his username/password, he will not have to authenticate again on Jira, Bamboo etc. Since you are mentioning the NTLM plugin, I think that you want Windows Desktop SSO, which means that you want your users to be automatically authenticated on Confluence, Jira, Bamboo etc. once they have logged onto their Windows workstation. If this is actually what you want, you will need a plugin in addition to Crowd. There are many Kerberos plugins available on the Atlassian Marketplace. As my company developed one of them, please allow me to suggest you to try for free the IWAAC plugin (Integrated Windows Authentication for Apps using Crowd):

https://marketplace.atlassian.com/plugins/com.cleito.iwaac/server/overview

Best regards,

Bruno

Gerald Jimenez August 4, 2016

Thanks Bruno your explanation made sense and I now understand what I am doing wrong.  Yes, I did configure the seraph-config.xml and that could be working fine but given that I am only using one service I cannot test it.

But you are right - what we really want is integrating the Windows login to Crowd and will certainly look at your product.

Have a great weekend

Gerald

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events