Warning |
---|
!!! We have migrated this cloud instance to our own hosted server instance !!!Please follow this link to find the content you are looking for: Admin password prompt (WebSudo)Thank you for your understanding. |
Problem
We've noticed that if we log in using SSO to our ADFS with a jira/confluence-administrator (or confluence) user, when we try to go to an administration page, we are prompted to re-enter the user password. Why the SAML Single Sign On plugin does not perform the authentication process ?
...
The WebSudo component does not use the SAML SSO Plugin for authentication. You essentially have two options.
- You login/create a normal administrator account with a JIRA/Confluence password and use him to access the administration section.
- Disable WebSudo: https://confluence.atlassian.com/jira/configuring-secure-administrator-sessions-231343939.html#ConfiguringSecureAdministratorSessions-DisablingSecureAdministratorSessions
- Use local Admin Users, with a local password in the Jira/Confluence Database
A little more background:
...
- You login to Confluence/Jira via SSO so entering your Username & Password at the IdP (if you weren’t already authenticated there).
- Once you want to become admin, WebSudo would send you to the IdP for authentication.
- The IdP sees you are already authenticated and sends you back to Jira/Confluence as AUTHENTICATED, WITHOUT asking you for the password again.
- Here you go you are in the admin section.
...