Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

SSO for Jira 5.2: How do I redirect to the login page?

Jörg Brandstätt2
Jörg Brandstätt September 2, 2013

Hi,

I'm trying to integrate Jira (5.2) into our company's ADFS 2.0 to enable single sign on using SAML.

I've written a custom Authenticator (as subclass of JiraSeraphAuthenticator). This authenticator's method getUser(HttpServletRequest req,HttpServletResponse res) extracts the userid from a SAMLResponse and checks the CrowdService for a user with this id.

This is working as expected- If I log in on the ADFS page, I'm logged in correctly.

My problem is now how to redirect to the ADFS login page. I've tried writing a subclass of SecurityFilter that creates the SAML-request and redirects to the ADFS instead of the Seraph login URL, but it seems like this is never happening- I only see the Jira login form. It seems like the decision to request the user to login is happening somewhere else.

Any Idea where I have to put my piece of code to make Jira redirecting to the ADFS page instead of showing it's own login page?

I thought the LoginFilter could be a place, but as far as I understand it, this filter kicks in after the login form is shown.

thank you very much in advance

Kind Regards

Jörg

Answer
Watch
Like Be the first to like this
1258 views

2 answers

0 votes
Jörg Brandstätt2
Jörg Brandstätt October 8, 2013

It came out that I had some misunderstandings about SAML IdP and SP-initiated SSO.

I changed the login.url parameter in seraph-config.xml to

https://adfs.ourcompany.com/adfs/ls/IdpInitiatedSignOn.aspxLoginToRP=jira

where jira is the identifier configured on ADFS for Jira. This is working, ADFS is redirecting me back to Jira with the required SAML message.

Reply
0 votes
resah
resah
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 11, 2013

Hi Jörg,

as far as I know you can configure your custom login URL in WEB-INF/classes/seraph-config.xml

BUT since I am writing a Jira 6 Authenticator myself right now and configuring these URLs didn't work for me, I am at a loss about that, too.

Maybe this configuration works for you?

Kind Regards

Theresa

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events