Plugin Configuration
- Jörg (TMP) B (TMP) (Deactivated)
- Jaime Capitel
- Christian Eitel (Deactivated)
!!! We have migrated this cloud instance to our own hosted server instance !!!
Please follow this link to find the content you are looking for: https://wiki.resolution.de/doc/saml-sso/latest/jira/setup-guides-for-saml-sso
Thank you for your understanding.
Open the SAMLSSO plugin configuration at https://<confluence/jira-url>/plugins/servlet/samlsso/admin or by clicking Configure in the Plugin Manager.
Enter the appropriate settings and click Send.
| Setting | Description | Example |
|---|---|---|
| IdP URL | URL on the Identity Provider where the SAML authentication requests are sent to. | https://adfs.example.com/adfs/ls/ |
| Default redirect URL | Relative URL on JIRA or Confluence to redirect to after successful login if no specific URL was called. This is usually the case if the samlsso-Servlet is opened directly. This value is usually just | / |
| Login page URL | If the SAML login fails, a link to the username/password login page is displayed in the error page. For Confluence, this is usually /login.action, for JIRA /login.jsp | /login.jsp |
| Override Login URL | If this box is checked, JIRA/Confluence redirects to the samlsso-Servlet (which redirects to ADFS) instead of the login page. If this is box is not checked, single sign on only works if the samlsso-Servlet is called directly at https://<confluence/jira-url>/plugins/servlet/samlsso. | |
| IdP Certificate | Paste the BASE64-encoded Token Signing Certificate here. If you leave this field empty, the SAML response signature validation is disabled. This can be useful for testing and troubleshooting, but it's strongly recommend to enable the validation. Otherwise, attackers could gain access by sending fake SAML-responses. After clicking Send, the certificate is shown in the field below in readable form. |
JIRA: Add the redirect Gadget to the System Dashboard
The redirect gadget has been removed in version 0.11.1 and later for JIRA. To redirect requests to the dashboard, just check the checkbox "Redirect requests to the dashboard" on the configuration page
If the JIRA base URL is opened, the System Dashboard is shown for the anonymous user instead of redirecting the user to the login page. This can confuse the users because they see the login gadget instead of getting logged in automatically.
To avoid this, the Plugin comes with the SAML SSO Redirect gadget:
Add this Gadget to the system dashboard. If a the system dashboard is displayed for a logged in user, it just shows the logged in name:
If no user is logged in, the gadget triggers a redirect to /plugins/servlet/samlsso from where the user is authenticated and redirected back to the dashboard.