Uploaded image for project: 'Confluence Server'
  1. Confluence Server
  2. CONFSERVER-23957

Confluence SSO authenticator class does not copy users on login

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: 3.5, 3.5.13, 4.1, 5.1.3
    • Fix Version/s: 5.10.5
    • Component/s: None
    • Labels:

      Description

      If you connect Confluence 3.5+ to Crowd using the connector, and Crowd is backing Confluence with a delegated LDAP directory, a user that is not in the directory will always fail their first login and will not be able to authenticate until the connector syncs.

      Tested in:
      Confluence 3.5.13
      Crowd 2.2.7
      Delegated LDAP Directory pointing to Apache DS
      Delegated LDAP Directory pointing to MSAD

      Behavior:
      User jsmith exists in LDAP, but not yet in Crowd. User attempts to login to Confluence. The user it told that their username or password is incorrect. On the Crowd side, the user will be added to the directory successfully, but will continue to fail auth in Confluence until the directory sync with Crowd occurs.

      This only happens when using the com.atlassian.confluence.user.ConfluenceCrowdSSOAuthenticator class. If you are using the default Confluence authenticator class in your serap-config.xml, it works as expected. The user jsmith will attempt to login to Confluence and will be added to Crowd and Confluence.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                43 Vote for this issue
                Watchers:
                31 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Last commented:
                  2 years, 28 weeks ago