It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to integrate Jira with my company's SSO

yaoyu he Nov 30, 2011

In my company, we have a SSO system for web applications.

Now I want to integrate Jira with this system and I have some questions:

1. How can I configure or do some development to make Jira redirect login request to the SSO system?

2. After user login, the SSO system will redirect to Jira with user info. How can I make Jira log user in with these info?

I searched some article saying 'serpha' could help? I am not sure.

Please help to give solution to this problem.

Thanks & Regards,

Yaoyu

4 answers

1 accepted

5 votes
Answer accepted
Wojciech Seliga Nov 30, 2011

Hi,

Close. "Seraph", not serpha :)

This is an Atlassian library which JIRA (and other Atlassian products) use to authenticate users - http://docs.atlassian.com/atlassian-seraph/latest/

You may take a look at this documentation on how to write custom seraph authenticator: http://docs.atlassian.com/atlassian-seraph/latest/sso.html

There a nice page describing how this works in ... Confluence (but it should be similar in JIRA too): https://developer.atlassian.com/display/CONFDEV/HTTP+authentication+with+Seraph

I recommend taking a look at the source code of the current implementations used by JIRA: com.atlassian.jira.security.login.SSOSeraphAuthenticator and com.atlassian.crowd.integration.seraph.v25.CrowdAuthenticator

You should also take a look at http://confluence.atlassian.com/display/DEV/Single+Sign-on+Integration+with+JIRA+and+Confluence

answers.atlassian.com has a dedicated label for serpah-related questions - https://answers.atlassian.com/tags/seraph/ - but there are not yet many entries there.

yaoyu he Nov 30, 2011

Hi Seliga,

Very helpful information.

Thanks very much

Yaoyu

yaoyu he Jul 03, 2012

Hi Seliga,

Now Jira is integrated with my company's SSO. thanks very much for your information.

Now I encounter a new problem. System can log user in system and work, but from Administration page, all users login details are not recorded.

Could you please help to advise how can I record the user login detail using API?

Thanks in advance.

Regards,

Yaoyu

Wojciech Seliga Jul 04, 2012

Hey,

Login attempts are recorded through com.atlassian.jira.security.login.LoginManager (e.g. onLoginAttempt() method) which uses com.atlassian.jira.security.login.LoginStore. LoginManager is used by com.atlassian.jira.security.login.JiraElevatedSecurityGuard which is configured normally in seraph-config.xml.

Although I've not worked on this piece of code, I think you could call LoginManager or LoginStore methods from your filter directly or use similar elevatedsecurityguard as the one used by default.

I hope it helps.

Cheers,

Wojtek

yaoyu he Jul 05, 2012

Hi wojtek,

The code works for recording the login information.

Thanks very much.

Regards,

Yaoyu

Tobias Sarnow Apr 28, 2013

Hi Wojciech,

I'm really thankful for your answer, but the web pages seem to be really outdated. For example the http://docs.atlassian.com/atlassian-seraph/latest/sso.html.

The DefaultAuthenticator in Jira 5.2 needs to implement other Methods so I got stuck with that.

What I try to achive is login via specific http header and thats it.
I'm using Jira behind a corperate Firewall and its also used as reverse proxy. So usaly the request to Jira go first to the apache server and he does the authentification. Next the request gets forwarded with http header information and in my case its trusted. So I dont need to login again.

Is this possible with Jira?

Zee Xia Aug 16, 2017

Hi, Seliga,

I'm also trying to integrate JIRA with our company's SSO. The approach and documentaions you provided are using Java, but the technolog we're using is .Net C#.  Do you have any suggestions or documenations for integrating JIRA with our company's SSO with .NET C# technology.  

Thank you,

Zee Xia

0 votes
Wojciech Seliga Nov 30, 2011

I've added seraph tag to your question.

0 votes
dan garton Jul 18, 2013

Indeed it seems that the "latest" info at http://docs.atlassian.com/atlassian-seraph/latest/sso.html is completely out of date.

Does any body have a link to build instructions for a custom Seraph authenticator? I have some basic code that I want to test, but can't get past the Maven unresolved deps problem:

[ERROR] Failed to execute goal on project dmajsso: Could not resolve dependencies for project uk.co.dma:dmajsso:jar:0.2-SNAPSHOT: The following artifacts could not be resolved: opensymphony:webwork:jar:1.4-atlassian-22, webwork:pell-multipart-request:jar:1.31.0, osworkflow:osworkflow:jar:2.8.1, opensymphony:propertyset:jar:1.5 .....

(and more lines)

Example pom.xml for a custom Seraph authenticator would be great ....

Tobias Sarnow Jul 18, 2013

Hi dan,
After a while I figured it out by mayself. Please see Stack Overflowhttp://stackoverflow.com/questions/16273566/jira-5-2-seraph-sso-login-behind-reverse-proxy

Hope that it will help you.

Cheers, Tobias

Anirudha Karwa Jun 16, 2014

Hello All,

I also want to integrate JIRA with company's SSO. I am using Jira version 4.4.4. I have a couple of questions.

1. Does the seraph support Jira 4.4.4v?

2. Searph by default is in Java. Is it available in ASP.net/C#? We are not working on Java.

Any help is appreciated.

Thanks in advance.

0 votes
Tobias Sarnow Jul 18, 2013

Hi dan,
After a while I figured it out by mayself. Please see Stack Overflow http://stackoverflow.com/questions/16273566/jira-5-2-seraph-sso-login-behind-reverse-proxy

Hope that it will help you.

Cheers, Tobias

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published in Next-gen

Introducing subtasks for breaking down work in next-gen projects

Teams break work down in order to help simplify complex tasks. This is often done iteratively, with tasks being broken down into smaller tasks and so on until the work is accurately captured in well-...

8,106 views 24 36
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you