Jira 7 CAS Authentication - How to Direct to CAS Rather Than Jira Login

bgreen4 January 24, 2018

Hi, all-- I have CAS authentication working with Jira 7, but if a user is not authentication via CAS and hits our Jira URL, they see a login dialog and have to click on the 'Login' link in the top right-hand corner of the page in order to log in via CAS.

 

In our previous Jira installation (version 6), users were immediately directed to the CAS login page when hitting the Jira URL if they weren't already authenticated.

 

So: how do I accomplish this? I'm comparing the configuration between our previous installation and this one, and can't seem to figure out how this was being accomplished.  I had come across a tutorial on the Web that seems to indicate that setting 'login.url' in seraph-config.xml to the CAS login URL would do the trick (<param-name>login.url</param-name>), but it hasn't worked for me.

 

Thanks!

Bryan

2 answers

1 vote
bgreen4 January 31, 2018

Yes, these are some of the instructions I was following.  CAS login works just fine-- but you have to click on the 'login' button in the top-right corner of the page to get to CAS login, rather than being directed there automatically if you aren't already authenticated.

 

It's very confusing as it stands now, because users are seeing a Jira login screen when they navigate to Jira, and think that that is where they should login.

 

I'll double-check everything-- maybe I missed something.

 

 

Karen Lee February 17, 2018

Agreed!  You can set jira.disable.login.gadget = true, but never the less, you still need to have an extra click on the top-right corner of the page to actually get logged in.  No credentials are required, but it's the extra click that is confusing for users.

bgreen4 August 14, 2018

No, I was able to get things configured to where you are taken directly to the CAS login screen and don't have to click on the 'Login' button (when you hit the Jira URL and aren't authenticated, you are immediately taken to our CAS login page).  I'd have to review what I did to make that work, though.

Jason Kanaris January 3, 2019

...

Krzysztof Czeladko March 7, 2019

Hi

Maybe u can leave it how it is: user need to click "log in" at top right corner but force Jira only for "loged in users" = anonymous access is not allowed by turning on dark feature from this link https://jira.atlassian.com/plugins/servlet/mobile#issue/JRASERVER-65521

That should force redirect to login page and login page redirect to cas

0 votes
somethingblue
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 31, 2018

Hi Bryan,

I found an article from one of our Silver Solution partners Ascend Integrated that may help as well titled Integrating JIRA and SSO Using CAS.  This shows the modifications needed to web.xml, seraph-config.xml and the jar files need to make this work.

There are about four places you need to put your CAS information according to this document.  In addition there a some modifications to web.xml just above the “THIS MUST BE THE LAST FILTER IN THE DEFINED CHAIN” comment that need to be added to make this work.

Please review Integrating JIRA and SSO Using CAS and let us know if you need any further assistance. 

Cheers,

Branden

Suggest an answer

Log in or Sign up to answer