Ability to have the Websudo functionality working with SAML / SSO


    • Type: Suggestion
    • Resolution: Unresolved
    • Component/s: Single Sign On

      Problem

      SSO requests are currently exempted from websudo. Users logged in through SSO can go straight into administration functions without a websudo check, which poses a security risk.

      Solution

      Allow websudo to work with a SAML/SSO setup, and also with other marketplace SAML/SSO plugins.

      Workaround

      • Set a new password for the user that was created with JIT provisioning: JIT provisioning creates a user in Bitbucket's Internal Directory, and you can define a password for this user. As a side effect, an administrator will have 2 passwords: the IdP password to log in to Confluence and the Internal password to authenticate in secure-sessions.

       

              Assignee: Unassigned
              Reporter: Yingran Sun
              Votes: 15
              Watchers: 20

                Created:
                Updated: