Confluence and Shibboleth

Abeer Ishtiaq aishtiaq at
Wed Aug 22 15:09:09 EDT 2012


The other web application can be integrated with SAML. They are configuring it on their end and will provide me the sp metadata xml file. Apparently, the vendor has done so in the past.

I do have some follow up questions on the IDP. It looks like to configure with an LDAP, you uncomment the section in login.config and then set the attributes in attributes-resolver.xml. But what about configuring with a database? I see the rdbms dataconnector in attributes-resolver.xml. Is that all I need to configure for the database connector? Or do I need to put something in login.config?

The reason I am trying to avoid LDAP is because it will be one more thing for us to maintain but if we can access the user out of a database that already exists, it saves an additional thing. However, if I can't get this to work then LDAP would be the second option.


-----Original Message-----
From: users-bounces at [mailto:users-bounces at] On Behalf Of Peter Schober
Sent: Wednesday, August 22, 2012 11:06 AM
To: users at
Subject: Re: Confluence and Shibboleth

* Abeer Ishtiaq <aishtiaq at> [2012-08-21 23:02]:
> I have confluence and another web application for which I want to 
> implement SSO.

Before going any further you'll need to find out whether this "other web application" can be integrated with SAML (e.g. using Shibboleth) or with Atlassian's Crowd (the "alternative" to SAML and Shibboleth mention before. given your environment/constraints).

Otherwise you might end up (i.e., after a lot of work and a steep learning curve) with Confluence integrated with a SAML SP authenticating to a SAML IdP (which in turn uses Confluence's
database) but still don't achieve SSO with that other application.

It might be trivial. Or it might not be possible.
Probably somewhere in between.
To unsubscribe from this list send an email to users-unsubscribe at

More information about the users mailing list