Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

SSO cookie ignored/overridden

I'm trying to use Crowd (2.2.7) and its REST APIs for authentication in a Django web application. I've been able to validate credentials and create SSO tokens, but the SSO cookies I set aren't recognised by my Confluence/JIRA instances (meaning I have to log in again). Logging in to either application overwrites the cookie that I set, but the Crowd console then shows two user sessions under "Administration > Current Sessions > User Sessions".

All applications are on the same domain (confluence.domain.com, jira.domain.com, etc.) and my browser is definitely sending the cookie that I set. I'm making my token creation request to https://crowd.domain.com/crowd/rest/usermanagement/1/session.json?validate-password=0 and the body is as follows:

{"username": "chris"}

Any ideas how I could get SSO working?

8 answers

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

Chris did you ever this get resolved?

When I follow the Crowd REST API doc, there' a possibility to get back a token ( HTTP POST /session?validate-password=false etc.). But what then? I want to create a SSO between my own website from which I talk REST to Crowd and JIRA/Confluence so what cookies/headers do I need to set to get that working given the token that I have?

Michael, I believe you should ask a question of your own on this. The question is soemthing else, and if you get a reply on your question it is not really an answer to this question.

Can you help me with what cookies I need to set to begin with?

What do you mean?

Did you close in on a solution yourself on this?

I have the same issue. I'm currently in contact with Atlassian support, and the issue has actually been escalated internally to senior staff. Seems that everything is working fine in regards to cookies, etc., but for some reason Confluence/Crowd is still unable to play together. Having Crowd authenticate on behalf of Confluence (without SSO) works like a charm though.

A small update - our IT infrastructure includes an ISA that does not forward the client IP adr. But if that is the main reason I still do not know.

I'll update on this issue when I get a reply from Atlassian.

Still waiting for feedback from Atlassian. No news from me.

Still waiting for feedback from Atlasian. The issue is a level 1 support issue but they still haven't figured out the reason.

I ended up discontinuing Crowd. Atlassian was unable to aid for our setup with ISA server, and we'll rather develop our own solution that continue with Crowd.

Have you set the authenticator in seraph-config.xml ?

For Confluence it should be

<authenticator class="com.atlassian.confluence.user.ConfluenceCrowdSSOAuthenticator"/>

and for JIRA it should be

<authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/>

See http://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+Confluence

and

http://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+JIRA

Cheers,

Jim

Is your webapp and Confluence/JIRA instances on the same IP? I had a similar issue recently with fisheye and had to add the IP that fisheye was running on into the Trusted Proxy list in Crowd (under Admin). This resolved it.

EDIT: Misread your post

Does 'Misread your post' mean that your answer did'nt have anything to do with the matter?

Hi Ivar,

Answers allows you the opportunity to give a reason why you edited your post. In this case, Colin offered an answer, and then edited it, leaving the reason "EDIT: Misread your post" as the reason for editing his post.

Cheers,

Jim

@Jim; of course :) Just wandering if his edit indicated that he changed his original answer and that his current answer is related, or if he let his original answer 'stay' while adding 'Misread your post'. I've seen both things happen :)

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

TAGS
Community showcase
Published in Marketplace Apps & Integrations

The origin of Dashboard Hub: Atlasboard

First of all, I'm going to introduce myself. My name is Gorka, I work as product manager in Appfire Although this is my first public article in the community, I've been around since 2013. I starte...

209 views 2 18
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you