Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,296,259
Community Members
 
Community Events
165
Community Groups

SSO Integration with Jenkins from Atlassian Crowd

Edited

Dear Team,

This is regarding SSO Integration with Jenkins from Atlassian Crowd

My Environment as follows,

Crowd Version – 3.2.0

Apache Tomcat Version - 9.0.10

Jenkins Version – 2.121.3(LTS)

Crowd2 Integration -  2.0.0

Currently through our Atlassian Crowd AD based centralized login is working perfectly with our Jenkins application. However I am looking the way to configure SSO. To enable SSO I tired the below.

In our Crowd application--> General Tab--> Single Sign-On cookie settings-->SSO domain--> I have added my Crowd server IP address.

Then in Jenkins Under Configure Global Security--> Crowd 2 --> Enabled  Use SSO

Also in cookie.domain--> Entered my Crowd Server IP Address

 As per the following link,

 https://confluence.atlassian.com/crowd/integrating-crowd-with-a-custom-application-192511.html?_ga=2.186629472.877854680.1534404283-1799378142.1526973315

I have copied the below to my Jenkins.

  1. crowd/client/crowd-integration-client-3.2.0.jar to /opt/apache-tomcat-9.0.10/webapps/jenkins/WEB-INF/lib/
  2. crowd/client/lib/* (All jar files) to /opt/apache-tomcat-9.0.10/webapps/jenkins/WEB-INF/lib/
  3. crowd/client/conf/crowd.properties to /opt/apache-tomcat-9.0.10/webapps/jenkins/WEB-INF/classes/

i have edited my crowd.properties file with required information. Also I am passing my -Dcrowd.properties={FILE-PATH}/crowd.properties in my Jenkins Service. However still not working. Means (We have integrated Jenkins, Gerrit, SonarQube & Jira in our  crowd.

First I have connected my Jira, then I tried to open my Jenkins link, But it is not connecting automatically. Could please help me enable SSO for Jenkins.

1 answer

Hi @Mohan S

The problem here is the SSO domain. This should not be set to your Crowd server IP but to the domain name of your applications.

For instance, if your apps URLs are like 'https://jira.mydomain.com', 'https://jenkins.mydomain.com', 'https://crowd.mydomain.com' then your SSO domain must be set to mydomain.com both in Crowd and Jenkins configuration.

Hi Bruno, Ok thanks for the information. Actually in my Crowd server.i am trying to set the SSO Domain name as - .sa.sisl.testdomain.net whereas it shows below error.

The supplied domain is invalid.

SSO Domain issue fixed earlier I have connected my crowd application IP address. Later with the help of - https://confluence.atlassian.com/crowdkb/unable-to-set-sso-domain-due-to-error-the-supplied-domain-is-invalid-203392701.html

Link corrected the same added my domain.

I have got the DNS entry for only to my Crowd Server, similarly do I need to use only domain(DNS) for my Jenkins application as well? Crowd doesn’t support IP address based application? Kindly confirm.

Crowd SSO relies upon a cookie, so yes, all your applications URLs must have the same domain name, which means that your Jenkins server must have a DNS entry in that very domain.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Jira Service Management

Jira Service Management Documentation Opportunities

Hello everyone, Hope everyone is safe! A few months ago we posted an article sharing all the new articles and documentation that we, the AMER Jira Service Management team created. As mentioned ...

315 views 0 10
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you