We have so far used the Confluence Shibboleth authenticator for our Confluence wiki. Now we are testing the Nordunet Shibboleth authenticator for Crowd and Crowd for authentication.
For local users authentication via Crowd is working as it should, but not for Shibboleth users. Shibboleth authentication causes the user to be created to Crowd and syncronized to Confluence correctly. The user is correctly redirected to Confluence, but a Confluence session is not created. How does Crowd transmit the information about the session to Confluence? Where should I look for the problem?
I had it finally working. There were a number of problems.
When using the Shibboleth autheticator the user is first sent to the SP, then to Crowd that sets the SSO cookie and finally to the application. It is somewhat complicated and therefore easy to get wrong.
I'm not sure if this helps, but in the traditional way of connecting Confluence to Crowd, Crowd doesn't transmit information about the session to Confluence. Instead, when a user logs in to Confluence, then Confluence sends that username and password to Crowd, and Crowd gives it back a session cookie which Confluence sets in the user's browser. When that user makes subsequent requests to Confluence, then Confluence sends that session cookie back to Crowd, and if that session cookie is valid then Crowd will send back the associated user to Confluence.
I don't know the Shibboleth plugins affect this, but maybe this will help to clarify your understanding.
We’re excited to invite you to this action-packed webinar where we will demonstrate how to integrate Opsgenie’s powerful alerting and on-call management tools with your entire Atlassian stack. Mar...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs