Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,363,464
Community Members
 
Community Events
168
Community Groups

Crowd SSO and JIRA does not allow me to login to JIRA

I am able to configure JIRA 5.x and Fisheye 2.8.x to use Crowd 2.6.x for user authenication, which allows me to login to both applicatins.

When I turn on SSO for Fisheye I can still login to Fisheye.

When i turn on SSO for JIRA based on these instructions https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+JIRA I can not login to JIRA.

Here is the log entires from crowd after SSO is enabled in JIRA:

2013-03-29 12:37:50,771 http-8095-10 DEBUG [crowd.manager.authentication.TokenAuthenticationManagerImpl] Authenticating user: ht1792
2013-03-29 12:37:50,775 http-8095-10 DEBUG [atlassian.crowd.directory.SpringLDAPConnector] Performing user search: baseDN = dc=itservices,dc=sbc,dc=com - filter = (&(&(objectCategory=Person)(sAMAccountName=*))(sAMAccountName=ht1792))
2013-03-29 12:37:51,228 http-8095-10 DEBUG [crowd.manager.authentication.TokenAuthenticationManagerImpl] generateUserToken: user ht1792
2013-03-29 12:37:51,229 http-8095-10 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: ht1792
2013-03-29 12:37:51,229 http-8095-10 DEBUG [manager.token.factory.TokenKeyGeneratorImpl] Generating Token for principal: ht1792
2013-03-29 12:37:51,230 http-8095-10 DEBUG [crowd.dao.token.TokenDAOHibernate] Updating object: Token{identifierHash='gEECB0AxG4M0O75ApfqYEg00', lastAccessedTime=1364578671230, createdDate=2013-03-29 11:51:31.261, duration=null, name='ht1792', directoryId=32771}
2013-03-29 12:37:51,230 http-8095-10 DEBUG [crowd.manager.authentication.TokenAuthenticationManagerImpl] User <ht1792> has access to the application <itracktest>

Any help would be appricated.

3 answers

1 accepted

0 votes
Answer accepted

I check all three configuration and it all looks good.

I can get crowd to authentication users for JIRA and Fisheye (SSO disable for JIRA).

The problem is when I edit the file seraph-config.xml to enable SSO for JIRA. I cannot log into JIRA anymore.

Fisheye url - http://icode.test.att.com/</span<>>

JIRA url - http://scm.test.att.com:8071/

Crowd SSO domain - .test.att.com

Not sure what I am doing wrong.


Jerome,

1. What are the URLs being used to access each application?
2. What is the [SSO Domain|http://confluence.atlassian.com/display/CROWD/Domain] value stored in Crowd?
3. Are both applications using the Crowd authenticator at their *WEB-INF/classes/seraph-config.xml* files? Are all the configuration inside *crowd.properties* correct?
4. How many Directories are assigned to each application in Crowd? If more than one, are they in the exact same [order|http://confluence.atlassian.com/display/CROWD/Specifying+the+Directory+Order+for+an+Application]?
5. Are proxy servers being used between Crowd and the applications? If so, please add their IP addresses to the [Trusted Proxy Servers list|http://confluence.atlassian.com/display/CROWD/Configuring+Trusted+Proxy+Servers] in Crowd

Cheers,

WZ

Hi Jerome,

For this kind of issue since you have confirmed that disabling the SSO allow your JIRA integration to work hence the issue might be caused by SSO configuration or environmental issue. Please double check the following configuration:

  • JIRA's crowd.properties
  • Ensure that your SSO domain is configured correctly
  • Check if there are any proxy in between JIRA and Crowd that might messed up the SSO cookies

Hope it helps.

Cheers,
Septa Cahyadiputra

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events