Uploaded image for project: 'Jira Service Management Data Center'
  1. Jira Service Management Data Center
  2. JSDSERVER-1720

Customers Cannot Login with SSO Enabled

XMLWordPrintable

      I have two directories. "Jira Internal Directory" and "Atlassian Crowd Directory".

      The internal directory is at the "top" and is the default directory. This way, when customers self sign-up, their accounts are created in the jira directory (default directory), not the crowd directory.

      When following the instructions to enable SSO by changing the Authenticator

      <authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/>

      Users can no longer authenticate to the "Internal Jira Directory" because the authenticator doesn't check the internal directory.

            [JSDSERVER-1720] Customers Cannot Login with SSO Enabled

            Mark Willcox added a comment -

            For anyone else who has only recently run in to this, ridiculous, issue; I have just made use of the MIDANAuthenticator courtesy of Alexander Sebastian Jost's comments back in 2016.

            I can confirm the MIDANAuthenticator still works and I am using it with Jira version 7.7.0 and Crowd version 3.1.2

            Instructions:

            1. Set the JIRA internal directory to be above the Crowd directory on JIRA's user directories page.
            2. Download the the midan-authenticator-1.1.jar from the github releases page.
            3. Copy the .jar in to the [JIRA ROOT]/atlassian-jira/WEB-INF/lib folder
            4. Comment out the CrowdSSO authenticator in the [JIRA ROOT]/atlassian-jira/WEB-INF/seraph-config.xml
            5. Add a new authenticator:
              <authenticator class="eu.midan.MIDANAuthenticator"/>

            How Atlassian still haven't fixed this is incredible. I guess people paying for crazy crowd licenses to accommodate all of their customers is a disincentive.

            Mark Willcox added a comment - For anyone else who has only recently run in to this, ridiculous, issue; I have just made use of the MIDANAuthenticator courtesy of  Alexander Sebastian Jost's comments back in 2016 . I can confirm the MIDANAuthenticator still works and I am using it with Jira version 7.7.0 and Crowd version 3.1.2 Instructions: Set the JIRA internal directory to be above the Crowd directory on JIRA's user directories page. Download the the midan-authenticator-1.1.jar from the github releases page. Copy the .jar in to the  [JIRA ROOT] /atlassian-jira/WEB-INF/lib folder Comment out the CrowdSSO authenticator in the  [JIRA ROOT] /atlassian-jira/WEB-INF/seraph-config.xml Add a new authenticator: <authenticator class="eu.midan.MIDANAuthenticator"/> How Atlassian still haven't fixed this is incredible. I guess people paying for crazy crowd licenses to accommodate all of their customers is a disincentive.

            James Rogers added a comment -

            IMPOSSIBLE.

            You can't just mark this as a duplicate of JSD-1244 and then just bush it off without so much of a consideration.

            This suggestions in JSD-1244 is a NON-STARTER. I CANNOT and WILL NOT make my crowd server the "top most" and "default" directory.

            I CANNOT create customers in the Crowd directory. Again, this is a NON-STARTER. It will BLOW AWAY my Crowd Max User license in 2 milliseconds.

            James Rogers added a comment - IMPOSSIBLE. You can't just mark this as a duplicate of JSD-1244 and then just bush it off without so much of a consideration. This suggestions in JSD-1244 is a NON-STARTER. I CANNOT and WILL NOT make my crowd server the "top most" and "default" directory. I CANNOT create customers in the Crowd directory. Again, this is a NON-STARTER. It will BLOW AWAY my Crowd Max User license in 2 milliseconds.

            Kha Nguyen (Inactive) added a comment -

            Hi jbarwick1

            This issue is a duplicate of JSD-1244. Please follow and vote for it instead.

            For now, you can configure SSO with Crowd by following the guides here https://jira.atlassian.com/browse/JSD-923?focusedCommentId=667702&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-667702. You can read that ticket for more information.

            Thanks,
            JIRA Service Desk team

            Kha Nguyen (Inactive) added a comment - Hi jbarwick1 This issue is a duplicate of JSD-1244 . Please follow and vote for it instead. For now, you can configure SSO with Crowd by following the guides here https://jira.atlassian.com/browse/JSD-923?focusedCommentId=667702&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-667702 . You can read that ticket for more information. Thanks, JIRA Service Desk team

              knguyen@atlassian.com Kha Nguyen (Inactive)
              b8a4333cf7d7 James Rogers
              Affected customers:
              0 This affects my team
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: