I followed the directions at https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+Confluence to set up SSO. The Crowd directory is visible and works within Confluence just fine, and I have disabled Confluence's built-in directory: Logging into Confluence using Crowd accounts works great. No problems there! However, when I get to step 2.2 and switch to the CrowdAuthenticator in seraph-config.xml and modify crowd.properties in /confluence/WEB-INF/classes/crowd.properties to the following, I am unable to log into my Confluence application:
#Fri Nov 16 15:01:18 CST 2012
session.lastvalidation=session.lastvalidation
# changed to application password as defined in Crowd
application.password=PASSWORD_4_APPLICATION
session.isauthenticated=session.isauthenticated
# application name as defined in Crowd
application.name=cvconfluence
crowd.server.url=https ://host_name.ahc.umn.edu :8443/crowd/services/
# added per directions
crowd.base.url=https ://localhost:8443/crowd/
session.validationinterval=0
session.tokenkey=session.tokenkey
application.login.url=https ://host_name.ahc.umn.edu :8443/crowd
I am getting an error of 2012-11-30 12:39:28,841 WARN http-8443-7 atlassian.seraph.auth.DefaultAuthenticator login login : 'gms' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
2012-11-30 12:39:40,509 WARN http-8443-7 atlassian.seraph.auth.DefaultAuthenticator login login : 'gms' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
2012-11-30 12:40:03,173 WARN http-8443-7 atlassian.seraph.auth.DefaultAuthenticator login login : 'confuser' tried to login but they do not have USE permission or weren't found. Deleting remember me cookie.
Please let me know why this does not work. The directions are pretty clear.
Thanks!
Thje problem for me ended up being use of inconsistent URL in my crowd.properties file. That fixed it just fine.
what was the problem with the URL? I am facing the same issue. Also what did you use for you URL? Which URL did you have to change?
Thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If you look at the config above, the reference to the Crowd base was to localhost, while the Crowd server was to the actual canonical form of the URL.
Greg--
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
And wich one did you choose? Please give an example of what actually worked for you.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Greg,
Are you sure that your user is part of a group that has USE permissions inside Confluence?
If you take a look at the document we recommend that the user be placed inside the confluence-users or confluence-administrators group within Crowd. This ensures that they are inside default groups in Confluence.
Also within Confluence we want to make sure that the Crowd User Directory is placed first in the List of directories. If there is a gms user in the Confluence internal, or any other direcotry that is not part of the a permitted groups in Confluence you could be seeing this error.
Those would be the first places I would look. We can dig a bit deeper if necessary.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Daniel,
Just checked my Crowd users, and user gms is definitely in groups that have USE permissions, in particular, I added it to both confluence-users and confluence-admin groups.
However, in Confluence, the Crowd user directory is not first in the list. That being said, gms is not a member of the Confluence directory, just Crowd (see below for user output from the Confluence user console). In any case I can try switching the order of the directories, if you think that would make a difference.
| <label class="label">User:</label> | gms | 
| <label class="label">Full Name:</label> | Greg M Silverman | 
| <label class="label">Email:</label> | |
| <label class="label">Directory:</label> | Crowd Server | 
| <label class="label">Created:</label> | Nov 28, 2012 13:15 | 
| <label class="label">Last Updated:</label> | Nov 30, 2012 10:48 | 
| <label class="label">Login:</label> | Last Login: Nov 30, 2012 17:16Last Failed Login: Nov 30, 2012 12:39Total Failed Login Count: 4Current Failed Login Count: 0 | 
| <label class="label">Groups:</label> |  confluence-administrators  confluence-users  crowd-administrators | 
Thanks!
Greg--
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Greg,
Sorry now just getting back to this issue. The direcotry order would only matter if the user gms was in the directory listed above the crowd directory. As gms is not a member of the Confluence internal directory this should not matter.
The formatting on your post above is a little heard to read. Is this from your Crowd or Confluence interface? Are you able to take a screen shot of the page?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have the same problem when tried upgrading confluence from 2.8.1 to 5.1.2.
The problem by me was the confluence-administrators and confluence-users group haven't been migrated ( the problem started from version 3.5.x)
I followed the workaround described in https://confluence.atlassian.com/display/DOC/Restoring+Passwords+To+Recover+Admin+User+Rights
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
just to update: i chose to simply dump my old crowd configuration files, use the one local confluence user i had and just used the UI to setup the connection to Crowd...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I'm seeing the same thing during an upgrade and it looks more like Confluence not being able to connect to Crowd than anything else. I'm at a loss as to why as i've re-used the various settings from the old install (3.4) which has no issues connecting.
There are also no errors or anything in the crowd log files...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
| just to update: i chose to simply dump my old crowd configuration files, use the one local confluence user i had and just used the UI to setup the connection to Crowd... | 
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
 
 
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.