Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
Crowd with remote directories
This solution requires Crowd 2.10.2 or higher.
Users from Crowd-directories can be authenticated by the SAML-Addon, but there is a limitation:
If the user directory in Crowd is a remote directory (e.g. LDAP) or delegates authentication (e.g. to a LDAP-server), it can happen that the user is not found during the SAML login processes. Updating a user from a remote directory is tied to the authentication process which is not happening because the user has already been authenticated by the SAML Identity Provider.
To solve this, we provide an addon for Crowd to trigger the required fetch from the remote directory. This Addon provides a REST-endpoint /rest/de.resolution.updateuserfromremotedirectory/1.0/ which always returns 204 (no content). When receiving a PUT-request containing the userid, the user is searched and if available updated in Crowd's remote directories.
Starting with version 2.0.11, the SAML Single Sign On allows sending this PUT-request to Crowd. This can be enabled with the checkbox "Trigger update in Crowd".
Install the Crowd addon
- Download the Addon from http://builds.resolution.de/release/update-user-from-remote-directory-1.2.0.jar
- Copy it to the plugins folder of your Crowd instance (e.g. /var/crowd-home/shared/plugins)
- Restart Crowd
Verify the installation by sending a PUT-request to the REST-endpoint, e.g. using curl and check that the result is
204 No Content:You need to do this from the application host, where SAML SSO is installed, i.e. Jira or Confluence. The test will also reveal, if there are any connectivity- or certificate issues.
curl -v -X PUT http://<CROWD>/crowd/rest/de.resolution.updateuserfromremotedirectory/1.0/ * Trying 34.207.87.231... * TCP_NODELAY set * Connected to <CROWD> (34.207.87.231) port 8095 (#0) > PUT /crowd/rest/de.resolution.updateuserfromremotedirectory/1.0/ HTTP/1.1 > Host: crowd31.lab.resolution.de:8095 > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 204 No Content < X-ASEN: SEN-L10707859 < X-Content-Type-Options: nosniff < Date: Mon, 05 Mar 2018 12:39:56 GMT < * Connection #0 to host crowd31.lab.resolution.de left intactCODE