In the previous recipe, we have looked at how to integrate JIRA with LDAP for authentication, users, and group management. Sometimes, you might need LDAP only for authentication, and to keep the group membership separate from LDAP for easy management.
In this recipe, we will look at how to integrate JIRA with LDAP only for authentication.
For this recipe, you will need to have an LDAP server up and running. You need to make sure that the JIRA server is able to access to the LDAP server. For more details, refer to the previous recipe, Integrating and importing users from LDAP.
Proceed with the following steps to integrate JIRA with an LDAP server exclusively for authentication:
Internal with LDAP Authentication
option.
Server settings |
Description |
Copy User on Login |
This automatically copies the user from LDAP into JIRA when the user first successfully logs in to JIRA. |
Default Group Membership |
This automatically adds the user into the groups specified here when the user first successfully logs in to JIRA. This setting is not retrospectively applied to existing users. This is a useful feature to ensure that every user who can log in to JIRA will be added to the necessary groups, such as jira-users. |
Synchronize Group Memberships |
This automatically copies the user's group membership to JIRA when the user successfully logs in. |
This authentication option is similar to the previous recipe with a number of key differences:
With this setup, every time a user first successfully logs in to JIRA, the user is copied from LDAP to JIRA's local user repository along with the group membership (if configured to do so). Since LDAP is only used at authentication time, with no initial overhead of synchronizing all the user information, this option can provide better performance for organizations that need to synchronize a large user base in LDAP.