Suggestion
Resolution: Unresolved
Problem
SSO requests are currently exempted from websudo. Users logged in through SSO can go straight into administration functions without a websudo check, which poses a security risk.
Solution
Allow websudo to work with a SAML/SSO setup, and also with other Marketplace SAML/SSO plugins.
Workaround
- Set a new password for the user that was created with JIT provisioning: JIT provisioning creates a user in Bitbucket's Internal Directory, and you can define a password for this user. As a side effect, an administrator will have 2 passwords: the IdP password to log in to Confluence and the Internal password to authenticate in secure-sessions.
- is related to
  - CONFSERVER-60263 Ability to have the Websudo functionality working with SAML / SSO (Gathering Interest)
  - JRASERVER-69311 Ability to have the Websudo functionality working with SAML / SSO (Gathering Interest)
- depends on
  - AAUTH-20 You do not have permission to view this issue
The mentioned workaround is a security issue for us and will confuse the users, as they have to maintain a password directly within the app instead of using their Azure Login.
Please provide ASAP the same websudo functionality as is already the case for Jira and Confluence, where other SSO providers like Resolution are able to provide an SSO-based solution for the Websudo.