Confluence and Shibboleth

[Abeer Ishtiaq]

Peter,

The other web application can be integrated with SAML. They are configuring it on their end and will provide me the sp metadata xml file. Apparently, the vendor has done so in the past.

I do have some follow up questions on the IDP. It looks like to configure with an LDAP, you uncomment the section in login.config and then set the attributes in attributes-resolver.xml. But what about configuring with a database? I see the rdbms dataconnector in attributes-resolver.xml. Is that all I need to configure for the database connector? Or do I need to put something in login.config?

The reason I am trying to avoid LDAP is because it will be one more thing for us to maintain but if we can access the user out of a database that already exists, it saves an additional thing. However, if I can't get this to work then LDAP would be the second option.

Thanks,
Abeer

-----Original Message-----
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Peter Schober
Sent: Wednesday, August 22, 2012 11:06 AM
To: users at shibboleth.net
Subject: Re: Confluence and Shibboleth

* Abeer Ishtiaq <aishtiaq at netuitive.com> [2012-08-21 23:02]:
> I have confluence and another web application for which I want to 
> implement SSO.

Before going any further you'll need to find out whether this "other web application" can be integrated with SAML (e.g. using Shibboleth) or with Atlassian's Crowd (the "alternative" to SAML and Shibboleth mention before. given your environment/constraints).

Otherwise you might end up (i.e., after a lot of work and a steep learning curve) with Confluence integrated with a SAML SP authenticating to a SAML IdP (which in turn uses Confluence's
database) but still don't achieve SSO with that other application.

It might be trivial. Or it might not be possible.
Probably somewhere in between.
-peter
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net