SAML Single Sign On Further Configuration Current: Crowd with remote directories Crowd with remote directories This solution requires Crowd 2.10.2 or higher. Users from Crowd-directories can be authenticated by the SAML-Addon, but there is a limitation:If the user directory in Crowd is a remote directory (e.g. LDAP) or delegates authentication (e.g. to a LDAP-server), it can happen that the user is not found during the SAML login processes. Updating a user from a remote directory is tied to the authentication process which is not happening because the user has already been authenticated by the SAML Identity Provider.To solve this, we provide an addon for Crowd to trigger the required fetch from the remote directory. This Addon provides a REST-endpoint /rest/de.resolution.updateuserfromremotedirectory/1.0/ which always returns 204 (no content). When receiving a PUT-request containing the userid, the user is searched and if available updated in Crowd's remote directories.Starting with version 2.0.11, the SAML Single Sign On allows sending this PUT-request to Crowd. This can be enabled with the checkbox "Trigger update in Crowd".Install the Crowd addonDownload the Addon from http://builds.resolution.de/release/update-user-from-remote-directory-1.2.0.jarCopy it to the plugins folder of your Crowd instance (e.g. /var/crowd-home/shared/plugins)Restart CrowdVerify the installation by sending a PUT-request to the REST-endpoint, e.g. using curl and check that the result is 204 No Content:You need to do this from the application host, where SAML SSO is installed, i.e. Jira or Confluence. The test will also reveal, if there are any connectivity- or certificate issues. curl -v -X PUT http://<CROWD>/crowd/rest/de.resolution.updateuserfromremotedirectory/1.0/ * Trying 188.8.131.52... * TCP_NODELAY set * Connected to <CROWD> (184.108.40.206) port 8095 (#0) > PUT /crowd/rest/de.resolution.updateuserfromremotedirectory/1.0/ HTTP/1.1 > Host: crowd31.lab.resolution.de:8095 > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 204 No Content < X-ASEN: SEN-L10707859 < X-Content-Type-Options: nosniff < Date: Mon, 05 Mar 2018 12:39:56 GMT < * Connection #0 to host crowd31.lab.resolution.de left intact CODE SAML Single Sign-On is available for Atlassian Server & Atlassian Data Center products. Our Jira Data Center, Confluence Data Center, Bitbucket Data Center, Jira Server, Confluence Server, Bitbucket Server and other apps are all available on the Atlassian Marketplace.