You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
We have so far used the Confluence Shibboleth authenticator for our Confluence wiki. Now we are testing the Nordunet Shibboleth authenticator for Crowd and Crowd for authentication.
For local users authentication via Crowd is working as it should, but not for Shibboleth users. Shibboleth authentication causes the user to be created to Crowd and syncronized to Confluence correctly. The user is correctly redirected to Confluence, but a Confluence session is not created. How does Crowd transmit the information about the session to Confluence? Where should I look for the problem?
I had it finally working. There were a number of problems.
When using the Shibboleth autheticator the user is first sent to the SP, then to Crowd that sets the SSO cookie and finally to the application. It is somewhat complicated and therefore easy to get wrong.
I'm not sure if this helps, but in the traditional way of connecting Confluence to Crowd, Crowd doesn't transmit information about the session to Confluence. Instead, when a user logs in to Confluence, then Confluence sends that username and password to Crowd, and Crowd gives it back a session cookie which Confluence sets in the user's browser. When that user makes subsequent requests to Confluence, then Confluence sends that session cookie back to Crowd, and if that session cookie is valid then Crowd will send back the associated user to Confluence.
I don't know the Shibboleth plugins affect this, but maybe this will help to clarify your understanding.