Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

What is the right way to create the Crowd SSO cookie in custom .Net application

Rizwan Basha
Rizwan Basha June 23, 2017

I am trying to create a Crowd client for a custom .Net application.  And from other questions on this forum I understand that I need to create a cookie for the token returned by SSO Authentication Crowd REST API.  And that I need to submit ValidationFactors with these 2 specific items: "remote_address" and "X-Forwarded-For".  I found this information in this post:  https://community.atlassian.com/t5/Answers-Developer-Questions/SSO-Between-Confluence-and-Custom-Web-Application/qaq-p/509239.

My code creates the SSO cookie accordingly.  However, JIRA and Confluence do not recognize the cookie created by my custom .net application; but they recognize each other's cookies.  So after logging in on the custom application, I would have to again login to JIRA.

Has anyone accomplished this in the recent versions of Crowd?  Any ideas please?

Thanks,
Rizwan Basha

Answer
Watch
Like Be the first to like this
696 views

1 answer

0 votes
Jackson Ong
Jackson Ong July 31, 2018

HI, I have a similar issue. 

My application : SSL and authenticates to crowd. (No problem)

Confluence : uses actual port 8090, but uses url rewrite to run on SSL.  

So, in actual fact both application are on SSL, only that confluence uses ARR or url rewrite. When I access via https to confluence , it does not work, but if access via port 8090, it works. e.g https://knowledge.example,com will not work, http://knowledge.example.com:8090 will work. After accessing via 8090, https://knowledge.example.com will log on.

 

I have few other issue before maybe you  should check following as well:

1. If your custom application is on a load balancer, you will use X-forward-for to get client ip, if you have no load balancer, you will only use remote_addr.

2. The other thing, you can try direct access via the confluence port 8090, instead of through a url rewrite. 

I am still trying to figure out why url rewrite does not work.

Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events