Ability to have the Websudo functionality working with SAML / SSO

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Single Sign On
    • None
    • 21
    • 7

      Problem

      SSO requests are currently exempted from websudo. Users logged in through SSO can go straight into administration functions without a websudo check which poses a security risk.

      Solution

      Allow websudo to work with SAML/SSO setup as well as to allow websudo to work with other marketplace SAML/SSO plugins.

      Workaround

      • Set a new password for the user that was created with JIT provisioning: JIT provisioning creates a user in Bitbucket's Internal Directory and you can define a password for this user. As a side-effect, an administrator will have 2 passwords - the IdP password to log in Confluence and the Internal password to authenticate in secure-sessions.

       

            Assignee:
            Unassigned
            Reporter:
            Yingran Sun
            Votes:
            14 Vote for this issue
            Watchers:
            19 Start watching this issue

              Created:
              Updated: