SAML Single Sign-OnSAML Single Sign-On
Try For Free

Plugin Configuration

Documentation

The configuration page has been revised in the last versions and contains more options now. These options are described within the configuration page itself

 

Open the SAMLSSO plugin configuration at https://<confluence/jira-url>/plugins/servlet/samlsso/admin or by clicking Configure  in the Plugin Manager.

screenshot_102.jpg

Enter the appropriate settings and click Send.

Setting

Description

Example

IdP URL

URL on the Identity Provider where the SAML authentication requests are sent to.

https://adfs.example.com/adfs/ls/

Default redirect URL

Relative URL on JIRA or Confluence to redirect to after successful login if no specific URL was called. This is usually the case if the samlsso-Servlet is opened directly.

This value is usually just / if Confluence/JIRA is running in the root context.

/

Login page URL

If the SAML login fails, a link to the username/password login page is displayed in the error page. For Confluence, this is usually /login.action, for JIRA /login.jsp

/login.jsp

Override Login URL

If this box is checked, JIRA/Confluence redirects to the samlsso-Servlet (which redirects to ADFS) instead of the login page. If this is box is not checked, single sign on only works if the samlsso-Servlet is called directly at https://<confluence/jira-url>/plugins/servlet/samlsso.

 

IdP Certificate

Paste the BASE64-encoded Token Signing Certificate here.

If you leave this field empty, the SAML response signature validation is disabled. This can be useful for testing and troubleshooting, but it's strongly recommend to enable the validation. Otherwise, attackers could gain access by sending fake SAML-responses.

After clicking Send, the certificate is shown in the field below in readable form.

 

 

JIRA: Add the redirect Gadget to the System Dashboard

The redirect gadget has been removed in version 0.11.1 and later for JIRA. To redirect requests to the dashboard, just check the checkbox "Redirect requests to the dashboard" on the configuration page

 

If the JIRA base URL is opened, the System Dashboard is shown for the anonymous user instead of redirecting the user to the login page. This can confuse the users because they see the login gadget instead of getting logged in automatically.

To avoid this, the Plugin comes with the SAML SSO Redirect gadget:

screenshot_241.png

Add this Gadget to the system dashboard. If a the system dashboard is displayed for a logged in user, it just shows the logged in name:

screenshot_242.png

If no user is logged in, the gadget triggers a redirect to /plugins/servlet/samlsso from where the user is authenticated and redirected back to the dashboard.

 

 

This site uses cookies to deliver its service & to analyse traffic. By browsing this site, you accept the privacy policy.

Our Wiki uses cookies

We want to give you the best possible experience on our website. For this we use technically required cookies and, if you agree, cookies for analysis and marketing purposes. You can find more information about the cookies in our Privacy Policy. By tapping ‘Accept All,’ you consent to the use of these methods by us and third parties.

Necessary
Always Active
Analytics
Advertisement
Other