Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

What is the right way to create the Crowd SSO cookie in custom .Net application

Rizwan Basha June 23, 2017

I am trying to create a Crowd client for a custom .Net application.  And from other questions on this forum I understand that I need to create a cookie for the token returned by SSO Authentication Crowd REST API.  And that I need to submit ValidationFactors with these 2 specific items: "remote_address" and "X-Forwarded-For".  I found this information in this post:

My code creates the SSO cookie accordingly.  However, JIRA and Confluence do not recognize the cookie created by my custom .net application; but they recognize each other's cookies.  So after logging in on the custom application, I would have to again login to JIRA.

Has anyone accomplished this in the recent versions of Crowd?  Any ideas please?

Rizwan Basha

1 answer

0 votes
Jackson Ong July 31, 2018

HI, I have a similar issue. 

My application : SSL and authenticates to crowd. (No problem)

Confluence : uses actual port 8090, but uses url rewrite to run on SSL.  

So, in actual fact both application are on SSL, only that confluence uses ARR or url rewrite. When I access via https to confluence , it does not work, but if access via port 8090, it works. e.g https://knowledge.example,com will not work, will work. After accessing via 8090, will log on.


I have few other issue before maybe you  should check following as well:

1. If your custom application is on a load balancer, you will use X-forward-for to get client ip, if you have no load balancer, you will only use remote_addr.

2. The other thing, you can try direct access via the confluence port 8090, instead of through a url rewrite. 

I am still trying to figure out why url rewrite does not work.

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events