-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
9
-
Problem Definition
For installations that use delegated LDAP for authentication users will be created in Bitbucket Server on their first login. This causes problem for plugins that provide authentication based on a custom token (e.g. SSO token / Kerberos).
If the plugin is able to resolve the username from the token, but the user has never logged in to Bitbucket Server, authentication will fail because the StashUser cannot be found.
Migrating to a Delegated Directory in Bitbucket
While this is possible, there is one caveat which is that users must login for the first time via the UI in order to synchronise user groups and permissions. This means that if you have users who have access keys in their user profile, they will not be able to push using those access keys until they login via the UI or perform an HTTP(s) git operation.
Suggested Solution
Bitbucket Server should provide a way to sync a remote user based on the username.
Workaround
Login to Bitbucket Server for the user to be authenticated.
- mentioned in
-
Page Loading...