LDAP Authentication
9 views
Skip to first unread message
Stefan Kleineikenscheidt
Jun 18, 2009, 4:46:04 AM6/18/09
to Confluence in the (real) Enterprise
Hi,
I am currently setting up a Confluence instance for a new division of
my company. The confluence instance itself is quite small, but I want
to connect to our company's active directory for authenticating users
via LDAP.
I followed the description in the documentation (http://
confluence.atlassian.com/x/LDsC) but Confluence would still access
LDAP way for every page load. I think it is loading the user
information display Name etc.) from LDAP. (Ok, it will hold the data
in the cache eventually).
Anyway, I am very happy how authentication in JIRA can be configured,
which only delegates the authentication to LDAP, and everything else
happens locally. So i decided to roll my own LdapAuthenticator which
I plugged into the hibernate configruation of my atlassian-user.xml.
Downside is, that we have to create our users locally, but when our
division grows we will possible create something like JLUU (http://
confluence.atlassian.com/display/JIRAEXT/Jira+LDAP+User+Utility) or
migrate it.
Any thoughts on this?
Cheers,
-Stefan
PS: I will make this code public, as soon as I get a place for it at
the Atlassian Developer Network. If you are interested now, let me
know.
I am currently setting up a Confluence instance for a new division of
my company. The confluence instance itself is quite small, but I want
to connect to our company's active directory for authenticating users
via LDAP.
I followed the description in the documentation (http://
confluence.atlassian.com/x/LDsC) but Confluence would still access
LDAP way for every page load. I think it is loading the user
information display Name etc.) from LDAP. (Ok, it will hold the data
in the cache eventually).
Anyway, I am very happy how authentication in JIRA can be configured,
which only delegates the authentication to LDAP, and everything else
happens locally. So i decided to roll my own LdapAuthenticator which
I plugged into the hibernate configruation of my atlassian-user.xml.
Downside is, that we have to create our users locally, but when our
division grows we will possible create something like JLUU (http://
confluence.atlassian.com/display/JIRAEXT/Jira+LDAP+User+Utility) or
migrate it.
Any thoughts on this?
Cheers,
-Stefan
PS: I will make this code public, as soon as I get a place for it at
the Atlassian Developer Network. If you are interested now, let me
know.
Dave O'Flynn (Atlassian)
Jun 19, 2009, 8:18:39 PM6/19/09
to Confluence in the (real) Enterprise
Hi Stefan,
Nice work! I look forward to seeing your code up on the developer
network.
You can accomplish the same goals with Crowd and a Delegated Directory
(http://confluence.atlassian.com/x/HIGlBw). The upside is that you
don't have to maintain code, and you can maintain your users in one
place instead of two. The downside is that it costs money ;-)
In the medium term, we're looking to merge the LDAP stacks of JIRA,
Confluence, and Crowd, so that they all behave the same way and you
don't have to pay for Crowd if all you want is basic LDAP
connectivity.
Cheers,
Dave.
Atlassian Integration Product Manager
@daveoflynn
On Jun 18, 6:46 pm, Stefan Kleineikenscheidt
Nice work! I look forward to seeing your code up on the developer
network.
You can accomplish the same goals with Crowd and a Delegated Directory
(http://confluence.atlassian.com/x/HIGlBw). The upside is that you
don't have to maintain code, and you can maintain your users in one
place instead of two. The downside is that it costs money ;-)
In the medium term, we're looking to merge the LDAP stacks of JIRA,
Confluence, and Crowd, so that they all behave the same way and you
don't have to pay for Crowd if all you want is basic LDAP
connectivity.
Cheers,
Dave.
Atlassian Integration Product Manager
@daveoflynn
On Jun 18, 6:46 pm, Stefan Kleineikenscheidt
unixg...@gmail.com
Jun 22, 2009, 1:24:43 PM6/22/09
to Confluence in the (real) Enterprise
We've been doing LDAP integration here with versions 2.3.x, 2.5.4,
2.5.7, 2.6.x and 2.8.2.
My memory may not be that great, because we've generally copied one
machine's settings to another machine. It's pretty easy - just add
stuff to the atlassian-user.xml as described in
http://confluence.atlassian.com/display/CONF28/Add+LDAP+Integration -
that's how we are doing it right now. The biggest problem was getting
the right LDAP login settings.
The paddle.jar tool is really handy for troubleshooting the atlassian-
usr.xml without bringing confluence up and down, and especially when
you can't bring it up at all because of errors.
Alice
2.5.7, 2.6.x and 2.8.2.
My memory may not be that great, because we've generally copied one
machine's settings to another machine. It's pretty easy - just add
stuff to the atlassian-user.xml as described in
http://confluence.atlassian.com/display/CONF28/Add+LDAP+Integration -
that's how we are doing it right now. The biggest problem was getting
the right LDAP login settings.
The paddle.jar tool is really handy for troubleshooting the atlassian-
usr.xml without bringing confluence up and down, and especially when
you can't bring it up at all because of errors.
Alice
Stefan Kleineikenscheidt
Jun 26, 2009, 5:14:30 AM6/26/09
to Confluence in the (real) Enterprise
Hi Dave,
unfortunately, Crowd is not an option for us at the moment.
FYI - I put my code here, it works with not problem so far:
http://confluence.atlassian.com/display/CONFEXT/Simple+LDAP+Authenticator
I'd love to see Confluence to provide this functionality out-of-the-
box.
Cheers,
-Stefan
On 20 Jun., 02:18, "Dave O'Flynn (Atlassian)" <djof
Reply all
Reply to author
Forward
0 new messages