Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

SAML setup as primary authentication mechanism

Brian
Brian
Contributor
January 22, 2019

Hello,

I have a quick question about setting up SAML as the primary authentication method for Jira 7.13

If we do this, what happens if our SSO application goes down?  Will I be locked out of logging into Jira?  Is there a backup login form that I can always use in this case? 

With SAML setup as the secondary authentication method it appears that we have this login form. 

Answer
Watch
Like Be the first to like this
627 views

1 answer

0 votes
Josh Steckler
Josh Steckler
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 23, 2019

Hi Brian,

There's a few different answers depending on how you're setting up SAML in your Jira.

If you're using Jira Datacenter, see the troubleshooting part of this page https://confluence.atlassian.com/enterprise/saml-single-sign-on-for-atlassian-data-center-applications-857050705.html where you can find instructions on disabling enforced SAML. This is done by command line with a local admin account.

If you're using one of the 3rd party addons, you should consult the vendor for the addon.

-Josh

View More Comments
Brian
Brian
Contributor
January 28, 2019

Hello Josh,

Yes we are using Jira datacenter.  The SSO IDP that we use is CA’s Siteminder.

In the link you provided me it says that if we are using SAML as primary authentication “it’s still possible to authenticate by: Basic Auth, Form-based auth via dedicated REST endpoint and Existing Remember Me tokens”.

So my question would be how do I use Basic Auth if primary authentication is turned on?  If the standard application login form is turned off when I set SAML as primary authentication what is “Basic Auth”? I don't see any instructions for that.

Like
Josh Steckler
Josh Steckler
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 29, 2019

I believe you would need to post to the /auth/1/session REST endpoint with your Basic auth. Then you'll get a session ID and cookie, which you can provide for auth for the remaining REST calls. You'll need to find out how to store the cookie in a jar in your programming language. I.e. https://stackoverflow.com/questions/7164679/how-to-send-cookies-in-a-post-request-with-the-python-requests-library

 

Here's one I wrote in Perl a while ago


my $ua = LWP::UserAgent->new( cookie_jar => {} );

my $firstauthheaders = {'Content-Type' => 'application/json', Accept => 'application/json'};
my $authurl = "/rest/auth/1/session";
my $authclient = REST::Client->new( { useragent => $ua } );
my $data = "{\"username\": \"$username\", \"password\": \"$password\"}";
$authclient->setHost("<myJiraBaseUrl>");
$authclient->POST(
 $authurl, 
 $data,
 $firstauthheaders
);

 

And then the code to reference the cookie stored in the first step

 my $url = "/rest/api/2/search";
 my $headers = {"Content-Type" => 'application/json', Accept => 'application/json', Cookie => 'JSESSIONID=$session_id'};
 my $data = "{\"jql\": \"project in (\\\"Blah\\\" order by created asc\",\"startAt\":0,\"maxResults\":1000,\"fields\": [\"reporter\"]}";
 $client_getissues = REST::Client->new( { useragent => $ua } );
 $client_getissues->setHost("<myJiraBaseUrl>");
 $client_getissues->POST(
 $url,
 $data,
 $headers
 );
 $getissues_response = decode_json($client_getissues->responseContent());
Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security