This page last changed on Aug 26, 2010 by jhammons.

Please follow the steps below to troubleshoot problems with SSO (single sign-on) in Crowd:

  1. Ensure that each application is using the same version of the crowd-integration-client JAR file. For example, if you are using Crowd 1.4, the crowd-integration-client-1.4.jar file should be located in the WEB-INF/lib directory of each Crowd-integrated application. For more information, please review this Knowledge Base article.

  2. Confirm that you can log in to each application with the same username and password.
    • In Crowd, click 'Applications' to view the Application Browser.
    • Click 'View' next to the application.
    • Click the 'Authentication Test' tab and follow these instructions.

  3. Set each application to use centralised SSO authentication, as follows. Ensure that each Atlassian application's WEB-INF/classes/seraph-config.xml file is using the Crowd's com.atlassian.crowd authenticator class. For example in JIRA, instead of this:


    you should have this:

    Please, see our Adding an Application Tutorial page to check the SSO authenticator classes for other applications.

  4. Once each application is using centralised authentication, confirm you can log in to each application with the same username and password.

  5. Ensure that each application is using the same sub-domain. For example:
    • JIRA -> jira.example.com
    • Confluence -> confluence.example.com
    • Crowd -> crowd.example.com

SSO will only work with applications on the same sub-domain. Why? Crowd uses a cookie to manage SSO and your browser only has access to cookies in the same sub domain, e.g. *.example.com.

This is the value that you set in the Domain property (e.g. .example.com) for Crowd to enable SSO. This is covered in the documentation on configuring the domain.

Still having trouble?

If the above steps have not solved your problem, please gather some debugging information as described below before contacting Atlassian support:

  1. In Crowd, go to 'Administration' -> 'Logging & Profiling'. Change the com.atlassian.crowd package to DEBUG.
  2. Replicate the SSO problem you are having.
  3. Please raise a support issue on our Support System, attaching your {CROWD}/atlassian-crowd.log file with the debug information gathered.
RELATED TOPICS

Overview of SSO

Document generated by Confluence on Nov 30, 2010 23:54