Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to use a client token to authenticate on crowd server Edited

Hello,

Actually, I have a web service which is requested by my website, and I would like to use this web service to request an other web service which need crowd authentication.

The clients have a crowd token given by an other website which authenticate them on the crowd server and i would like to use this token on my web service to authenticate them on the crowd server. And by this way the web service can do request by their access and their name.

But it work if I use the session.post to create a token with their user password, but if i copy past or get the token from the authentication website it didn't work.

It's close from this organization:

I'm sorry if it isn't very well explained, don't hesitate to ask me if you have any question.

Thanks in advance.

1 answer

1 accepted

0 votes
Answer accepted
Bruno Vincent Community Leader Jun 01, 2019

Hi @theo 

Let's sum up what you have here:

User's Browser -> Web application -> Web Service A -> Web Service B

What you are facing here is what is detailed in the 'Cause' section of this KB.

From Web Service B's perspective, requests come from Web Service A's IP address, whereas the Crowd token that was initially generated was tied to your user's IP address.

You have two options here:

  • Option #1: uncheck 'Require Consistent Client IP Address' in Crowd's console as detailed here
  • Option #2: add the IP addresses of Web application and Web Service A to the list of trusted proxy servers in Crowd's console and make sure to add the user's IP address, Web Application's IP address and Web Service A's IP address (in that order) to the X-Forwarded-For header as detailed here 

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Marketplace Apps & Integrations

Jira issue check and more advanced commit verifications for Bitbucket DC

Pre-receive hooks that verify the Git commit message, the modified files, and implement similar code change controls used to be requirements of large enterprises working in regulated industries only....

0 views 0 0
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you