Use single sign-on (SSO) authentication for Atlassian JIRA
Enterprise Application Access (EAA) supports single sign-on (SSO) to Atlassian applications, such as JIRA, using custom headers insertion. This lets you access the Atlassian application through the EAA Cloud service without authenticating for a specific application again.
Before you begin
- Download the latest version of the Atlassian JIRA SSO connector.
Copy the downloaded jar file to
this location in your JIRA installation:
- For Linux:*/jira/WEB-INF/lib
- For Windows: *jira/WEB-INF/lib
- Download the jiraRemoteUserAuthenticator.properties text file from https://github.com/UW-Madison-DoIT/jiraRemoteUserAuth/tree/master/conf.
Rename the file to RemoteUserAuthenticator.properties by removing jira from the
start of the file name, and save it to this location in your JIRA
- For Linux: */jira/WEB-INF/classes
- For Windows: *jira/WEB-INF/classes
Edit the remoteUserAuthenticator.properties file with administrative
privileges and change these lines to send remote headers for SSO:
- Change header.remote_user=REMOTE_USER to header.remote_user=user_name
- Comment out the line #header.email=CONF_EMAIL
- Comment out the line #header.fullname=CONF_FULLNAME
- Save the file.
Edit the seraph-config.xml
file at this location in your Confluence installation /WEB-INF/classes/seraph-config.xml. Edit this line:
Find and replace or comment out <authenticator class="com.atlassian.seraph.auth.DefaultAuthenticator"/> with:
- Save the file and restart the JIRA application.
Configure the Enterprise Application Access (EAA) application.
- Click Settings on the JIRA application that you configured in EAA.
- Click ADVANCED SETTINGS at the top.
- Scroll to the Custom HTTP headers section.
- Enter user_name in the Header Name field and select user from the Attribute field.
- Click Save and go to Deployment.