Versions Compared

Version Old Version 4 New Version Current
Changes made by

Former user

Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
typeflat

Description

The Client Certificate Authentication

is an add-on

solution is a JAR made for Atlassian JIRA, Confluence, Bamboo and Bitbucket (Server) / Stash

When users try to access

JIRA

any one of the Atlassian tools, the browser will prompt them to select their certificate. Users will then be automatically logged

in to JIRA Allow you

into the application if their username already has an account.

To enable this integration, you will need to have the Atlassian application integrated with Apache via a reverse proxy.

Introduction

If your user name does not exist, the plugin may:

This document describes using client certificates as an authentication mechanism in JIRA. In the terms of smart cards, certificates are still passes from the smart card into the browser via the smart card client.

The method described here will allow JIRA to use client certificates for authentication without a password.

Note
titleNotes
  • If you find yourself without a valid certificate and locked out of JIRA, you may need to effectively undo all the plugin setup to log in with a regular JIRA account
  • Not allow you to log in at all
  • Automatically create a JIRA account for your username

    • Resources

    Issue Tracker

    (Support, New feature and Improvement Requests)

    		http://jira.go2group.com/browse/CCA

    Page Tree Search

    Page Treeroot@selfexpandCollapseAlltrue
    • again
    • If your certificate contains more than one identify, the first valid identify will be used
    • The plugin assumes that the user ID is contained in the CN entry
      • If that is not the case in your certificate, a minor code customization will be necessary

    Image Added

    1. This is the diagram for first access
    2. As certificates can be installed directly into the browser, depending on your browser settings, users will either be prompted for the certificate or the default certificate will be automatically used and validated
    3. This setup requires administrators to setup a User Directory before hand
      1. This User Directory will be used to pull user, groups and the memberships
      2. Runs every xx minutes to make sure that they sync is up to date

    Image Added

    1. This is the diagram for first access
    2. As certificates can be installed directly into the browser, depending on your browser settings, users will either be prompted for the certificate or the default certificate will be automatically used and validated