Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

SSO: stash -- crowd console, works one way but not the other

I have crowd and stash installed behind a Apached proxy, all operating on the same machine (with the same IP address). I've configured both according to all the documentation I can find. If I log into Crowd Console, SSO works fine on Stash. If I log into Stash, there is no SSO for Crowd Console (IOW, I have to log into Crowd Console even though I'm logged into Stash via Crowd). I'm at a loss how to fix this. Suggestions?

3 answers

1 accepted

0 votes
Answer accepted

Apparently I wasn't correctly proxying in Apache. After I changed the proxy to be the following, everything worked.

ProxyRequests Off
    ProxyPreserveHost On

    ProxyPass /crowd  http://localhost:8095/crowd
    ProxyPassReverse /crowd  http://localhost:8095/crowd

    ProxyPass /stash http://localhost:7990/stash
    ProxyPassReverse /stash http://localhost:7990/stash

Hi Robert,

I just wanted to confirm. You managed to get SSO working?

Charles

Hi Robert,

The SSO configuration sometimes is tricky, but there are some key points that I'd suggest you to check, they are the following:

1. Ensure that the URLs being used to access each application and the SSO Domain value stored in Crowd are valid and match the pattern;
2. Ensure that all applications are using the Crowd authenticator at their WEB-INF/classes/seraph-config.xml files;
3. Ensure that the Directories that are assigned to each application in Crowd, If more than one, are in the exact same order;
4. If there are proxy servers being used between Crowd and the applications, make sure to add their IP addresses to theTrusted Proxy Servers list in Crowd.

I hope this information has helped.

Cheers

Thanks. Here's what I've configured:

  1. The URLs are all D.C.B.A/X, like D.C.B.A/stash or D.C.B.A/crowd. The SSO Domain is D.C.B.A
  2. Stash doesn't use Seraph and doesn'thave a seraph-config.xml file.
  3. The directories are in the same order, but aren't identical. No users are shared between directories. IOW, user X exists in only one directory.
  4. There is a proxy server and its address in the Trusted Proxy Server's list, and also it is the same IP as each of the Atlassian applications which are standalone.

All of this was the existing configuration which had the problem described above. So none of this fixed the problem.

In addition, I'd suggest you specially to check if is correctly informed the application name in the crowd.properties file on your application.

Please check this documentation for more information:

https://confluence.atlassian.com/display/CROWD/Troubleshooting+SSO+with+Crowd

Bernardo

Thanks. Yep, had did that already.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira Service Management

JSM June Challenge #2: Share how your business teams became ITSM rockstars

For JSM June Challenge #2, share how your non-technical teams like HR, legal, marketing, finance, and beyond started using Jira Service Management! Tell us: Did they ask to start using it or...

300 views 9 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you