You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
I want to have a Single Sign On (SSO) solution. IMO, this means the following: You log in once (within the webbrowser), then you do not have to login anywhere else, but can use all applications. For example, I log in once to JIRA, then I can also use Confluence without logging in once again. Right?
Now assume, there is a legacy application. You can develop a plugin or use the Crowd API to integrate it into SSO. Therefore, you have to add additional code (from the Crowd API) to your application. E.g. you would have to integrate the application to your SSO-solution using the Crowd-API instead of communicating with LDAP directly within the application, right? You cannot integrate the application without making code changes within the application?
If there is a legacy Java application (say a standalone Swing or HTML application), where you cannot change any code - can you still integrate it to your SSO-solution with Atlassian Crowd anyhow?
Thanks for help, Kai.
Thanks, after reading your answer and some more documentation (http://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+a+Custom+Application), I know understand how it works.
It seems to be very easy to integrate custom applications (by writing some code / configuration).
I would say that it is impossible to know for sure Kai?! Both Confluence and Jira comes "out-of-the-box" with SSO turned off. But you can configure the application using the config files and another "driver" in order to use Crowd as SSO.
My point is - how are you legacy applications developed? Do they have a well documented configurable interface where security is implemented as a factory and all you have to do is configure the system to use the new "driver" instead of the default one? Can you turn on some sort of external security manager component thingy and tell the system to ask the external system instead of your existing security component?
If not - yes, I assume there will have to be some sort of code developed :)