Ability to have the Websudo functionality working with SAML / SSO

Problem Definition

When using JIT provisioning in Confluence Data Center, you can't access Confluence Administration because the websudo form gives a wrong credentials error.

Suggested Solution

I am requesting an enhancement to allow websudo to work with SAML setup as well as to allow websudo to work with other marketplace SAML plugins.

Workaround

There are two possible workarounds to access Confluence Administration:

• Disable the secure sessions, removing the websudo form. As a side-effect, you can go straight into administration functions without confirmation that you should. This poses a security risk.
  • See Configuring Secure Administrator Sessions.
• Set a new password for the user that was created with JIT provisioning: JIT provisioning creates a user in Confluence Internal Directory and you can define a password for this user. As a side-effect, an administrator will have 2 passwords - the IdP password to log in Confluence and the Internal password to authenticate in secure-sessions.