Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Groups
Explore all groups
Community resources

What is the right way to create the Crowd SSO cookie in custom .Net application Edited

Rizwan Basha
Rizwan Basha Jun 23, 2017

I am trying to create a Crowd client for a custom .Net application.  And from other questions on this forum I understand that I need to create a cookie for the token returned by SSO Authentication Crowd REST API.  And that I need to submit ValidationFactors with these 2 specific items: "remote_address" and "X-Forwarded-For".  I found this information in this post:  https://community.atlassian.com/t5/Answers-Developer-Questions/SSO-Between-Confluence-and-Custom-Web-Application/qaq-p/509239.

My code creates the SSO cookie accordingly.  However, JIRA and Confluence do not recognize the cookie created by my custom .net application; but they recognize each other's cookies.  So after logging in on the custom application, I would have to again login to JIRA.

Has anyone accomplished this in the recent versions of Crowd?  Any ideas please?

Thanks,
Rizwan Basha

Answer
Watch
Like Be the first to like this

1 answer

0 votes
Jackson Ong
Jackson Ong Jul 31, 2018

HI, I have a similar issue. 

My application : SSL and authenticates to crowd. (No problem)

Confluence : uses actual port 8090, but uses url rewrite to run on SSL.  

So, in actual fact both application are on SSL, only that confluence uses ARR or url rewrite. When I access via https to confluence , it does not work, but if access via port 8090, it works. e.g https://knowledge.example,com will not work, http://knowledge.example.com:8090 will work. After accessing via 8090, https://knowledge.example.com will log on.

 

I have few other issue before maybe you  should check following as well:

1. If your custom application is on a load balancer, you will use X-forward-for to get client ip, if you have no load balancer, you will only use remote_addr.

2. The other thing, you can try direct access via the confluence port 8090, instead of through a url rewrite. 

I am still trying to figure out why url rewrite does not work.

Reply

Suggest an answer

Log in or Sign up to answer
Community showcase
Dave Meyer
Dave Meyer
Published Wednesday in Jira

Make your Atlassian Cloud products more secure: our NEW admin security guide

Hey admins! I’m Dave, Principal Product Manager here at Atlassian working on our cloud platform and security products. Cloud security is a moving target. As you adopt more products, employees consta...

102 views 0 5
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you