We have so far used the Confluence Shibboleth authenticator for our Confluence wiki. Now we are testing the Nordunet Shibboleth authenticator for Crowd and Crowd for authentication.
For local users authentication via Crowd is working as it should, but not for Shibboleth users. Shibboleth authentication causes the user to be created to Crowd and syncronized to Confluence correctly. The user is correctly redirected to Confluence, but a Confluence session is not created. How does Crowd transmit the information about the session to Confluence? Where should I look for the problem?
I had it finally working. There were a number of problems.
When using the Shibboleth autheticator the user is first sent to the SP, then to Crowd that sets the SSO cookie and finally to the application. It is somewhat complicated and therefore easy to get wrong.
I'm not sure if this helps, but in the traditional way of connecting Confluence to Crowd, Crowd doesn't transmit information about the session to Confluence. Instead, when a user logs in to Confluence, then Confluence sends that username and password to Crowd, and Crowd gives it back a session cookie which Confluence sets in the user's browser. When that user makes subsequent requests to Confluence, then Confluence sends that session cookie back to Crowd, and if that session cookie is valid then Crowd will send back the associated user to Confluence.
I don't know the Shibboleth plugins affect this, but maybe this will help to clarify your understanding.
For JSM June Challenge #2, share how your non-technical teams like HR, legal, marketing, finance, and beyond started using Jira Service Management! Tell us: Did they ask to start using it or...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events