eduix / crowd-shibboleth-module Goto Github PK
View Code? Open in Web Editor NEWShibboleth authentication module and accompanying plugin for Atlassian Crowd
Shibboleth authentication module and accompanying plugin for Atlassian Crowd
I've been working with the shibboleth-filter and shibboleth-filter-config modules this week and have written some documentation for newbies (like me) who need to know how to build it. Can I contribute the documentation to the project?
Also, I have some questions:
This issue could be entirely because I'm trying to make this plugin work with Atlassian Crowd 2.12.0 (Build: #751):
I seem to have this most of the way working. I setup a "Login with Shibboleth" link in my instance of Confluence, and I can trace it going through the auth steps with our campus IdP, but then it just redirects to the login page.
In atlassian-crowd.log it states:
2017-07-12 14:43:22,922 http-bio-8095-exec-22 ERROR [nordu.crowd.shibboleth.ShibbolethSSOFilter] Error creating new user com.atlassian.crowd.exception.UserAlreadyExistsException: User already exists in directory [851969] with name
Couple other notes - I do see the user generated in Crowd, so it's at least getting that far. I also verified that the users are added to a group that setup for Confluence login.
Just thought I'd toss this out there in case anybody else was using this plugin with the current versions of the atlassian suite, and possibly ran into this issue.
Many thanks to anyone that can help.
Hello,
I'm in the process of migrating from Crowd 2.7.2. I want to upgrade to 3.3.0, but the shibboleth-filter-config seems to say 3.0.0+. Both of these versions are giving me issues with the applicationContext-CrowdSecurity.xml
:
This is the error I get when following the shibboleth-filter/README.md
when trying Crowd 3.0.0:
2018-10-18 16:56:51,229 localhost-startStop-1 ERROR [ContainerBase.[Catalina].[localhost].[/crowd]] Exception sending context initialized event to listener instance of class com.atlassian.config.bootstrap.BootstrappedContextLoaderListener
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 117 in XML document from class path resource [applicationContext-CrowdSecurity.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 117; columnNumber: 136; The pre
fix "util" for element "util:constant" is not bound.
When I tried with 3.3.0, I was getting this error:
Caused by: org.xml.sax.SAXParseException; lineNumber: 82; columnNumber: 62; cvc-complex-type.3.2.2: Attribute 'access-denied-page' is not allowed to appear in element 'security:http'.
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 82 in XML document from class path resource [applicationContext-CrowdSecurity.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 82; columnNumber: 62; cvc-complex-type.3.2.2: Attribute 'access-denied-page' is not allowed to appear in element 'security:http'.
I'm wondering if there's something I'm missing? I'm confident that I'm following the install instructions verbatim, but maybe I'm missing something?
Thanks!
--- Update ---
Once I add the following to the top of the file:
xmlns:util="http://www.springframework.org/schema/util"
and
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
to the top of the file, I get past this error. However, I then get:
Error creating bean with name 'util:constant#1e3e794b': Invocation of init method failed; nested exception is java.lang.ClassNotFoundException: com.atlassian.crowd.integration.springsecurity.SecurityConstants
Which, looking into it, Crowd 3.0.0 doesn't have that bean, but 3.1 does:
https://docs.atlassian.com/atlassian-crowd/3.1.5/com/atlassian/crowd/integration/springsecurity/SecurityConstants.html
However, if I try using 3.1.5, I'm getting the same "access-denied-page" attribute error as I did with 3.3.0.
Hello all. I am facing a weird issue in an environment that uses CAFe+Shibboleth+Crowd. This environment works like a charm for almost all users, but that ones that have special characters in their names as, for example, "José", "Ítalo", etc.
I did talk to Atlassian, and they said it happens due to this class - https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/web/firewall/StrictHttpFirewall.html .
The fact is that this is not clear to me. Should I change anything on Shibboleth implementation?
If you can help, I will be grateful.
Best regards,
Wagner Ferreira
[email protected]
How to configured Atlassian apps (e.g. JIRA, Confluence) to use shibboleth style redirect login urls.
STEP #1
Update the app's "seraph-config.xml" file to have
login.url
http://YourServerName:8095/crowd/plugins/servlet/ssocookie?redirectTo=${originalurl}
STEP #2
Make sure that the "plugins" folder is protected by Shibboleth as you may have not protected the entire directory to allow access to the REST webservices, etc.
We have a working test system with 2.7.2 and we are now trying to build dedicated crowd test and production servers with 2.8.0. We have copied the settings from the previous test system, and crowd authentication with local accounts works OK. Shibboleth logins are, however, not working. The accounts are created, but somehow the authenticator is not aware of them abd tries to recreate them:
2015-01-23 08:36:46,338 ajp-bio-8009-exec-7 DEBUG [nordu.crowd.shibboleth.ShibbolethSSOFilter] No user [email protected] found. Creating
2015-01-23 08:36:46,562 ajp-bio-8009-exec-7 ERROR [nordu.crowd.shibboleth.ShibbolethSSOFilter] Error creating new user
com.atlassian.crowd.exception.UserAlreadyExistsException: User already exists in directory [491521] with name [[email protected]]
at com.atlassian.crowd.manager.directory.DirectoryManagerGeneric.addUser(DirectoryManagerGeneric.java:309)
Hi
i'm trying the use crowd-shibboleth-module and i'm having
the error:
Cannot resolve reference to bean 'authenticationProcessingShibbolethFilter' while setting constructor argument with key [4]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationProcessingShibbolethFilter': Lookup method resolution failed; nested exception is java.lang.IllegalStateException: Failed to introspect Class [net.nordu.crowd.shibboleth.ShibbolethSSOFilter]
an someone help me ?
thanks
Hi-
Attempting to make Crowd v2.12.0 (Build:#751) and this plugin work with the current versions of Confluence, JIRA, and BitBucket.
I seem to have this plugin working to the extent that I can:
The requested resource is not available
Here's the interesting thing.... I can then go to the confluence URL and I have an active session.
Couple of the causes I can certainly imagine are:
There's no WARNs or ERRORs listed in atlassian-crowd.log. I'm not also seeing anything in the shib logs.
I'll continue to research this and see if I can make it work. Seems like if I can resolve this issue, I'll have a sucessfull instance of Crowd 2.12.0 & Shibd/NGINX working with latest revisions of the other Atlassian products. Hoping to get this online, and contribute my notes of getting it online for others. Thanks to all for any help you might provide.
Hi !
I'm currently testing this cool plugin but i don't know how the sync url should look like.
The Sample File says only ...
#New user sync urls for apps
#sync.appname1=url to call with password parameter
Can you give me a example url for confluence and jira please ?
thanks !
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.