Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Enable SSO with crowd on different machine

Manjul Srivasta1
Manjul Srivastava July 8, 2014

I have crowd on one machine and other atlassian tools on different machine.

Can i enable SSO in my this senerio ?

I have done all configuration according to the crowd integration documentation (with jira,confluence,stash and bamboo), but SSO is not working.

My tools are not in same domain and i am not using any proxy server also. Only crowd is on different machine except that all the tools are on same machine.

Is it necessary that crowd and other tools should be in same domain ?

Answer
Watch
Like Be the first to like this
833 views

1 answer

0 votes
Tiago Comasseto
Tiago Comasseto
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 8, 2014

Hi Manjul, there should be no problem in having the applications on different machines, but the doman may cause problems with the SSO. You may want to check this doc for more information about the domain format.

Cheers

View More Comments
Manjul Srivasta1
Manjul Srivastava July 8, 2014

Hi Tiago,

Thanks for your response.

So, for SSO to work properly all the tools should be in same domain including crowd ?

In the doc suggested by you, it is mentioned that we can leave SSO domain empty. What will happen in that senerio ?

Like
Tiago Comasseto
Tiago Comasseto
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 8, 2014

Hi Manjul, that's correct, the domain should be the same. You can use the domain format you prefer though (.mydomain or mydomain/app).

Also, if you leave the domain field empty, the SSO cookie in your browser will be created with the domain of the application that made the request to Crowd, but the important part is that if another application try to authenticate to Crowd with a different domain than the first application, the initial cookie won't be used and the SSO won't work.

Cheers

Like
Manjul Srivasta1
Manjul Srivastava July 9, 2014

Hi Tiago, as i mentioned in my above conversation that except crowd all atlassian tools are on same machine. So according to that SSO cookie that will generate on browser will generate on the basis of that machine's (on which jira,confluence,stash and bammboo are installed) IPAddress, right ?

So, SSO should work for all tools (jira,confluence,stash and bamboo) except crowd (as crowd is on another machine).

Like
Tiago Comasseto
Tiago Comasseto
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 9, 2014

Hi Manjul, in fact the SSO cookie will be created based on the URL of the applications, not the IP. Your applications can be installed on different machines with different IPs and the SSO would still work.

The important part is that the URL of the applications should match the domain format of the previous doc.

Cheers

Like
Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events