In previous recipes, we have looked at different options for JIRA to use external centralized user repositories, including Crowd. One of the advantages of integrating JIRA with Crowd is its single sign-on (SSO) abilities.
Web-based applications integrated with Crowd are able to participate in an SSO environment; so, when a user is logged in to one application, he/she will be automatically logged in to all other applications.
If you are looking for single sign-on in a Windows environment where users will be automatically logged on to applications with their workstation, read the next recipe, Setting up a Windows domain single sign-on.
Before you can set up SSO with Crowd, you will first need to integrate JIRA with Crowd for user management. Refer to the Integrating with Atlassian Crowd recipe for details.
If you have already integrated JIRA with Crowd, you will need to have the following information:
crowd.properties
file from the <CROWD_INSTALL>/client/conf
directoryProceed with the following steps to enable SSO with Crowd:
seraph-config.xml
file located in the <JIRA_INSTALL>/atlassian-jira/WEB-INF/classes
directory in a text editor.com.atlassian.jira.security.login.JiraSeraphAuthenticator
and comment it out so it looks like the following:<!-- <authenticator class="com.atlassian.jira.security.login.JiraSeraphAuthenticator"/> -->
com.atlassian.jira.security.login.SSOSeraphAuthenticator
and uncomment it so it looks like the following:<authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/>
crowd.properties
file to the <JIRA_INSTALL>/atlassian-jira/WEB-INF/classes
directory.crowd.properties
in a text editor and update the properties listed in the following table.Once JIRA has started up again, it will participate in SSO sessions in all Crowd SSO-enabled applications, for example, if you have multiple JIRA instances integrated to Crowd for SSO, you will only need to log in to one of the JIRAs.