We have purchased licenses for Jira Core/helpdesk, Confluence, and Hipchat.
When we go to the Jira address and sign in, we'd like to also be signed in already for Confluence(as well as Hipchat once we install it). Both of the applications are being authenticated by Active Directory, but we still have to log in twice.
I've found some single sign on documentation that discusses doing something like this with the application, "Crowd". Is there another way to do this without having to purchase an application license for yet another Atlassian product?
Thanks!
Hi Matt,
There are a lot of SSO options but there are usually costs associated. There is Crowd, as you mentioned: Single Sign-on Integration with the Atlassian stack and there are also several third party plugins that can be used: SSO plugins on Atlassian Marketplace. Finally, you may develop your own custom authenticator if you have the resources: Atlassian Seraph
I look forward to hearing which option works for your team.
Thanks,
Ann
Thanks Ann!
So to be sure, the documentation found here:
Connecting Confluence to Jira applications for User Management
This is only for user management and if this particular option is used, it will not result in SSO. Is that correct? Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
It will not result in SSO, just a common user base and single source of user management.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you Ann. We've now purchased the Crowd license and are ready to install it. I already have Jira Core/Helpdesk and Confluence installed on Server 2012.
What do you need to know to help me figure out which archive file to download and which guide should I follow? Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Matt,
The archive download link and installation instructions are in this guide: Installing Crowd and CrowdID.
The SSO instructions (with lots of important details) are in this doc: Overview of SSO
These guides are linked on the Overview doc, but I thought I would break them out for your convenience:
Integrating Crowd with Atlassian JIRA
Integrating Crowd with Atlassian Confluence
Looking forward to hearing how you fare.
Cheers,
Ann
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ann, Thanks again!
So I downloaded atlassian-crowd-3.1.2.zip.
I configured the install and home directories just as described in the guide.
I edited the crowdinit.properties file with the correct location of the home directory and saved it..
I created a crowd database and user in postgresql
I ran the start-up script, found in {CROWD_INSTALL} directory: start_crowd.bat
Pointed a web browser at http://localhost:8095/crowd
And alas no wizard appears.
Any common gotchas I'm not thinking of? Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
What does appear in the browser at http://localhost:8095/crowd - just a "page not found" error?
Please check for error messages in the logs:
* <crowd-home>/logs
* <crowd-install>/apache-tomcat/logs
Since you are on Windows, one gotcha is clicking on the batch file to start up instead of running it at an elevated command prompt. Another one is closing the command window launched by the script - that closes down the web server.
I look forward to hearing more about the issue. For testing I did an install just now to try the archive and the process; the setup wizard appeared as expected.
If you find the solution, please follow up to let us know.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You guessed it! I tried opening the batch file as administrator without the cmd prompt.
I tried again in elevated cmd prompt and it seemed to be working but when I go to the address I see this:
HTTP Status 500 – Internal Server Error
Type Exception Report
Message Illegal char <:> at index 3: jar:file:\C:\CROWD_INSTALL\apache-tomcat\webapps\..\..\crowd-webapp\WEB-INF\lib\struts2-core-2.5.13.jar
Description The server encountered an unexpected condition that prevented it from fulfilling the request...
Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Also had to declare the environmental variables for JAVA_HOME, I have jdk-9.0.4
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Uh-oh - That JAVA version is not a supported platform and may have caused the internal server error: Supported Platforms
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I see! Thank you.
Now, I've uninstalled that and installed the correct version and the Crowd setup is now available. I'm now to the Database configuration page.
If I set up my db through postgres, which option do I pick? The JNDI datasource?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
JDBC is the easiest and most common option. You can configure it during the setup wizard whereas the datasource has to be present in server.xml. It can be changed later so I would pick JDBC to get started.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Perfect! And finally, is OpenID necessary for single-sign-on across the Jira applications and if not, can I enable it later if I choose not to now?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Crowd is one option, another is to get SAML apps for each tool and use Active Directory Federation Services.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.