Overview
Pixelpark developed a custom Seraph authenticator for Confluence, which uses the variable "REMOTE_USER" at the Webserver layer for Singel Sign On (SSO).
A webserver plugin (apache 2.x with mod_auth_ldap) protects the Ressource "/" and is responsible for basic authentication
The Web Server (Apache or Sun Java System Web Server) sets the REMOTE_USER variable in the request to the username
before allowing through to the application. You also have to configure Confluence for external user management using LDAP.
The Custom Seraph authenticator for Confluence is attached in source Code.
We work with this plugin since about one year without any problems.
| Name | Size | Creator (Last Modifier) | Creation Date | Last Mod Date | Comment | ||
|---|---|---|---|---|---|---|---|
 |
 seraph-config.xml |
2 kB | Thorleif Wiik | Jun 12, 2007 | Jun 12, 2007 | Example seraph config for SSOAuthenticator | |
|
 SSOAuthenticator.java |
2 kB | Thorleif Wiik | Jun 12, 2007 | Jun 12, 2007 | SSOAuthenticator java source Code |
Comments (1)
Nov 08, 2007
Oleksii Gnatkevych says:
It takes more than just downloading it to setup. At first Tomcat AJP connector h...It takes more than just downloading it to setup. At first Tomcat AJP connector has to be fixed in server.xml with option
tomcatAuthentication="false"Then mod_jk seems has to be fixed with
apache option (not 100% sure about this step). Then the class has to be compiled:
and then SSOAuthenticator.class to be put in .../WEB-INF/classes/com/pixelpark/seraph/ folder.
To set Apache 2 for NTLM authentication on Linux one just installs mod_auth_ntlm_winbind from Samba suite.