User unable to login to application without membership in a specific group when SSO is enabled

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

問題

When SSO is enabled, newly created users are unable to login to application without membership in a specific group.

For example, Confluence and JIRA are connected to Crowd as the user directory, with SSO. In this situation:

  1. A new User A is created in Crowd
  2. User A is assigned membership in the confluence-users group in Crowd
  3. Authentication tests for the user in the Confluence application in Crowd are successful
  4. Synchronizing the Crowd user directory to Confluence is successful
  5. User is unable to login to Confluence with the following error: 
  6. Users are able to log in to the application once they are provided membership in the jira-users group.


原因

The information in the crowd.properties configuration file inside the affected application is incorrect. In this example, the issue is caused by the crowd.properties file in Confluence, which uses the application information and credentials that connect to the JIRA application. Therefore, when SSO is enabled, Confluence will attempt to connect to the JIRA application during authentication. If the user does not have the group with the use permission in JIRA (here, jira-users), they will not be able to log in to Confluence.

 

ソリューション

  • Modify crowd.properties and ensure that the information matches the application information as configured in Crowd. See this documentation for information on how to configure SSO.

最終更新日 2018 年 11 月 2 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.