-
Bug
-
Resolution: Fixed
-
Highest
-
5.10.5
-
26
-
Severity 1 - Critical
-
Summary
Crowd SSO users cannot login to Confluence server after upgrading to 5.10.5
after upgrading to 5.10.5, all Crowd using SSO user cannot login to Confluence.
Error message in atlassian-confluence.log:
login login : '<username>' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
Environment
- Confluence 5.10.5 + Crowd and SSO enabled
Steps to Reproduce
- Install Confluence 5.10.5
- Enable SSO settings in Confluence and Crowd
edit seraph-config.xml
refer https://confluence.atlassian.com/crowd/integrating-crowd-with-atlassian-confluence-198573.html - restart Confluence
Expected Results
Crowd users can log in.
Actual Results
Crowd users cannot log in.
Notes
Workaround
1) Login Crowd once, before logging in Confluence.
2) Disabling SSO allows the login by disabling the Confluence "Crowd SSO Authenticator" and re-enabling the default Confluence authenticator:
- Shut down Confluence if it is currently running
- Edit the file CONFLUENCE/confluence/WEB-INF/classes/seraph-config.xml
- Uncomment the default Confluence authenticator:
<authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/>
- Comment out the Crowd SSO Authenticator:
<!-- <authenticator class="com.atlassian.confluence.user.ConfluenceCrowdSSOAuthenticator"/> -->
- Restart Confluence
Note that this workaround is to allow users to log in to Confluence, however, SSO will not work with Confluence