_SSO within a Domain
The core Crowd functionality supports SSO across applications within a single domain, such as *.mydomain.com. Crowd uses a browser cookie to manage SSO. Because your browser limits cookie access to hosts in the same domain, this means that all applications participating in SSO must be in the same domain.
Example 1: If you wish to have single sign-on (SSO) support for *.mydomain.com, you will need to configure the SSO domain in Crowd as mydomain.com. All your Crowd-connected applications must be in the same domain. For example:
Crowd |
|
|
|---|---|---|
Jira |
|
|
Confluence |
|
|
FishEye |
|
|
FishEye in different domain |
|
|
Example 2: If you wish to have single sign-on (SSO) support for mydomain.com/*, you will need to configure the SSO domain in Crowd as mydomain.com. All your Crowd-connected applications must be in the same domain. For example:
Crowd |
|
|
|---|---|---|
Jira |
|
|
Confluence |
|
|
FishEye |
|
|
FishEye in different domain |
|
|
You can find information the comparison of host name strings in RFC 6265 (section 5).