How to integrate Jira with my company's SSO

Deleted user November 30, 2011

In my company, we have a SSO system for web applications.

Now I want to integrate Jira with this system and I have some questions:

1. How can I configure or do some development to make Jira redirect login request to the SSO system?

2. After user login, the SSO system will redirect to Jira with user info. How can I make Jira log user in with these info?

I searched some article saying 'serpha' could help? I am not sure.

Please help to give solution to this problem.

Thanks & Regards,

Yaoyu

4 answers

1 accepted

5 votes
Answer accepted
Wojciech Seliga
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 30, 2011

Hi,

Close. "Seraph", not serpha :)

This is an Atlassian library which JIRA (and other Atlassian products) use to authenticate users - http://docs.atlassian.com/atlassian-seraph/latest/

You may take a look at this documentation on how to write custom seraph authenticator: http://docs.atlassian.com/atlassian-seraph/latest/sso.html

There a nice page describing how this works in ... Confluence (but it should be similar in JIRA too): https://developer.atlassian.com/display/CONFDEV/HTTP+authentication+with+Seraph

I recommend taking a look at the source code of the current implementations used by JIRA: com.atlassian.jira.security.login.SSOSeraphAuthenticator and com.atlassian.crowd.integration.seraph.v25.CrowdAuthenticator

You should also take a look at http://confluence.atlassian.com/display/DEV/Single+Sign-on+Integration+with+JIRA+and+Confluence

answers.atlassian.com has a dedicated label for serpah-related questions - https://answers.atlassian.com/tags/seraph/ - but there are not yet many entries there.

Deleted user November 30, 2011

Hi Seliga,

Very helpful information.

Thanks very much

Yaoyu

Deleted user July 3, 2012

Hi Seliga,

Now Jira is integrated with my company's SSO. thanks very much for your information.

Now I encounter a new problem. System can log user in system and work, but from Administration page, all users login details are not recorded.

Could you please help to advise how can I record the user login detail using API?

Thanks in advance.

Regards,

Yaoyu

Wojciech Seliga
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 4, 2012

Hey,

Login attempts are recorded through com.atlassian.jira.security.login.LoginManager (e.g. onLoginAttempt() method) which uses com.atlassian.jira.security.login.LoginStore. LoginManager is used by com.atlassian.jira.security.login.JiraElevatedSecurityGuard which is configured normally in seraph-config.xml.

Although I've not worked on this piece of code, I think you could call LoginManager or LoginStore methods from your filter directly or use similar elevatedsecurityguard as the one used by default.

I hope it helps.

Cheers,

Wojtek

Deleted user July 5, 2012

Hi wojtek,

The code works for recording the login information.

Thanks very much.

Regards,

Yaoyu

Tobias Sarnow
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 28, 2013

Hi Wojciech,

I'm really thankful for your answer, but the web pages seem to be really outdated. For example the http://docs.atlassian.com/atlassian-seraph/latest/sso.html.

The DefaultAuthenticator in Jira 5.2 needs to implement other Methods so I got stuck with that.

What I try to achive is login via specific http header and thats it.
I'm using Jira behind a corperate Firewall and its also used as reverse proxy. So usaly the request to Jira go first to the apache server and he does the authentification. Next the request gets forwarded with http header information and in my case its trusted. So I dont need to login again.

Is this possible with Jira?

Zee Xia August 16, 2017

Hi, Seliga,

I'm also trying to integrate JIRA with our company's SSO. The approach and documentaions you provided are using Java, but the technolog we're using is .Net C#.  Do you have any suggestions or documenations for integrating JIRA with our company's SSO with .NET C# technology.  

Thank you,

Zee Xia

0 votes
Tobias Sarnow
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
July 18, 2013

Hi dan,
After a while I figured it out by mayself. Please see Stack Overflow http://stackoverflow.com/questions/16273566/jira-5-2-seraph-sso-login-behind-reverse-proxy

Hope that it will help you.

Cheers, Tobias

0 votes
dang July 18, 2013

Indeed it seems that the "latest" info at http://docs.atlassian.com/atlassian-seraph/latest/sso.html is completely out of date.

Does any body have a link to build instructions for a custom Seraph authenticator? I have some basic code that I want to test, but can't get past the Maven unresolved deps problem:

[ERROR] Failed to execute goal on project dmajsso: Could not resolve dependencies for project uk.co.dma:dmajsso:jar:0.2-SNAPSHOT: The following artifacts could not be resolved: opensymphony:webwork:jar:1.4-atlassian-22, webwork:pell-multipart-request:jar:1.31.0, osworkflow:osworkflow:jar:2.8.1, opensymphony:propertyset:jar:1.5 .....

(and more lines)

Example pom.xml for a custom Seraph authenticator would be great ....

Tobias Sarnow
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
July 18, 2013

Hi dan,
After a while I figured it out by mayself. Please see Stack Overflowhttp://stackoverflow.com/questions/16273566/jira-5-2-seraph-sso-login-behind-reverse-proxy

Hope that it will help you.

Cheers, Tobias

Anirudha Karwa June 16, 2014

Hello All,

I also want to integrate JIRA with company's SSO. I am using Jira version 4.4.4. I have a couple of questions.

1. Does the seraph support Jira 4.4.4v?

2. Searph by default is in Java. Is it available in ASP.net/C#? We are not working on Java.

Any help is appreciated.

Thanks in advance.

0 votes
Wojciech Seliga
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 30, 2011

I've added seraph tag to your question.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events