Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

SSO Integration with Jenkins from Atlassian Crowd

Mohan S August 16, 2018

Dear Team,

This is regarding SSO Integration with Jenkins from Atlassian Crowd

My Environment as follows,

Crowd Version – 3.2.0

Apache Tomcat Version - 9.0.10

Jenkins Version – 2.121.3(LTS)

Crowd2 Integration -  2.0.0

Currently through our Atlassian Crowd AD based centralized login is working perfectly with our Jenkins application. However I am looking the way to configure SSO. To enable SSO I tired the below.

In our Crowd application--> General Tab--> Single Sign-On cookie settings-->SSO domain--> I have added my Crowd server IP address.

Then in Jenkins Under Configure Global Security--> Crowd 2 --> Enabled  Use SSO

Also in cookie.domain--> Entered my Crowd Server IP Address

 As per the following link,

 https://confluence.atlassian.com/crowd/integrating-crowd-with-a-custom-application-192511.html?_ga=2.186629472.877854680.1534404283-1799378142.1526973315

I have copied the below to my Jenkins.

  1. crowd/client/crowd-integration-client-3.2.0.jar to /opt/apache-tomcat-9.0.10/webapps/jenkins/WEB-INF/lib/
  2. crowd/client/lib/* (All jar files) to /opt/apache-tomcat-9.0.10/webapps/jenkins/WEB-INF/lib/
  3. crowd/client/conf/crowd.properties to /opt/apache-tomcat-9.0.10/webapps/jenkins/WEB-INF/classes/

i have edited my crowd.properties file with required information. Also I am passing my -Dcrowd.properties={FILE-PATH}/crowd.properties in my Jenkins Service. However still not working. Means (We have integrated Jenkins, Gerrit, SonarQube & Jira in our  crowd.

First I have connected my Jira, then I tried to open my Jenkins link, But it is not connecting automatically. Could please help me enable SSO for Jenkins.

1 answer

0 votes
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 23, 2018

Hi @Mohan S

The problem here is the SSO domain. This should not be set to your Crowd server IP but to the domain name of your applications.

For instance, if your apps URLs are like 'https://jira.mydomain.com', 'https://jenkins.mydomain.com', 'https://crowd.mydomain.com' then your SSO domain must be set to mydomain.com both in Crowd and Jenkins configuration.

Mohan S August 23, 2018

Hi Bruno, Ok thanks for the information. Actually in my Crowd server.i am trying to set the SSO Domain name as - .sa.sisl.testdomain.net whereas it shows below error.

The supplied domain is invalid.

Mohan S August 23, 2018

SSO Domain issue fixed earlier I have connected my crowd application IP address. Later with the help of - https://confluence.atlassian.com/crowdkb/unable-to-set-sso-domain-due-to-error-the-supplied-domain-is-invalid-203392701.html

Link corrected the same added my domain.

Mohan S August 24, 2018

I have got the DNS entry for only to my Crowd Server, similarly do I need to use only domain(DNS) for my Jenkins application as well? Crowd doesn’t support IP address based application? Kindly confirm.

Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 24, 2018

Crowd SSO relies upon a cookie, so yes, all your applications URLs must have the same domain name, which means that your Jenkins server must have a DNS entry in that very domain.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events