Details
-
Suggestion
-
Resolution: Duplicate
-
None
-
None
-
None
Description
Scenario:
Crowd - confluence/jira SSO implemented
Crowd backed by delegated auth directory to ldap
Confluence backed by crowd user directory - sync interval default to 60m
New user in ldap.
Login to confluence.
Confluence passes auth request to crowd. Crowd passes auth request to ldap. Ldap confirms authentication request. Crowd creates the user, adds default groups (confluence-users).
User login to confluence fails.
Wait 1 hr (default sync time)
Login to confluence.
Login success.
The issue here is there is no way to connect Confluence back to crowd using the delegated auth connector mechanism. While Confluence and Crowd can both delegate authentication back to an LDAP system, there is no way for Confluence to delegate to Crowd to delegate to LDAP.
Directly delegating from Confluence to LDAP is not an option as Crowd is being used for SSO.
Please include a way for Confluence to delegate/connect back to Crowd without having to fail authentication for new user first time login, which will create the user in crowd, then wait for Confluence to sync.
Attachments
Issue Links
- duplicates
-
CWD-2650 Crowd doesn't create new users automatically in other directories when he first login, but after sometime
- Closed