|
This Authenticator adds users to confluence-users as they log in. To use it, change the line: <authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/> in <Confluence-Install>/confluence/WEB-INF/classes/seraph-config.xml to: <authenticator class="com.atlassian.confluence.user.ConfluenceGroupJoiningAuthenticator"/> If you are using Confluence 2.2 you need to download the ConfluenceGroupJoiningAuthenticator.class file and put it in WEB-INF/classes/com/atlassian/confluence/user. Confluence 2.3 and later include this class as standard. From Confluence 2.6, the directory structure WEB-INF/classes/com/atlassian/confluence/user no longer exists. The files and classes that used to exist here, now reside within the confluence-2.6.0.jar in WEB-INF/lib directory. |
Comments (35)
Oct 09, 2006
Jonas Sundman says:
Works with Confluence 2.2.9 on RHEL 4, MySQL 4.1 and Tomcat 5.5. Great utility.Works with Confluence 2.2.9 on RHEL 4, MySQL 4.1 and Tomcat 5.5. Great utility.
Oct 09, 2006
Tom Davies says:
Thanks for the feedback!Thanks for the feedback!
Oct 10, 2006
Michael McKeown says:
Any chance of getting this merged with the NTLM authenticator? <authenticato...Any chance of getting this merged with the NTLM authenticator?
<authenticator class="at.roteskreuz.w.confluence.ntlm.NTLMAwareAuthenticator"/>
The source and binaries are athttp://svn.atlassian.com/fisheye/viewrep/public/contrib/confluence/ntlm-authenticator
Feb 09, 2007
Jose H REMY says:
I am currently using the following <authenticator class="org.soulwing.conflu...I am currently using the following
<authenticator class="org.soulwing.confluence.cas.ConfluenceCasAuthenticator"/>
Is there a way to also use ?
<authenticator class="com.atlassian.confluence.user.ConfluenceGroupJoiningAuthenticator"/>
or any other way to import LDAP users ?
Feb 09, 2007
EnBW says:
Take a look in the source-code of the groupjoiningauthenticator. There you will ...Take a look in the source-code of the groupjoiningauthenticator. There you will find the lines that will do the group joining. Copy them to the right place into your custom authenticator and recompile. Take attention with the order: You will have to insert the Principal "ConfluenceUser" (fetched by getUser) after the groupjoining into the session. Otherwise the user have to logout the first time hes using confluence.
Mar 16, 2007
Peter Brandström says:
Not included in 2.4.2. Nice idea.Not included in 2.4.2. Nice idea.
Apr 10, 2007
Royce Wong says:
Can the same thing be accomplish in JIRA? I am using JIRA 3.8 Enterprise.Can the same thing be accomplish in JIRA? I am using JIRA 3.8 Enterprise.
Apr 11, 2007
Mei Yan Chan says:
Hi Royce, JIRA uses Jelly script to automatically import users from LDAP. It's ...Hi Royce,
JIRA uses Jelly script to automatically import users from LDAP. It's possible for you to modify the script to group the users. Please see:
Importing user from LDAP
Hope this helps.
Regards,
Mei
Oct 31, 2007
Britt Treece says:
Does this work on newer 2.5.X versions of Confluence? I have enabled LDAP ...Does this work on newer 2.5.X versions of Confluence? I have enabled LDAP for users but not groups and am trying to get Confluence to add users to the confluence-users group, but it does not.
Oct 31, 2007
Peter R. says:
Working fine on v2.5.4 for us. Followed the instructions at the top.Working fine on v2.5.4 for us. Followed the instructions at the top.
Nov 01, 2007
Andy Brook says:
fine in 2.5.6fine in 2.5.6
Dec 27, 2007
Phil Lochner says:
We had this working before upgrading to 2.6.1. Now that we've upgraded, users ar...We had this working before upgrading to 2.6.1. Now that we've upgraded, users are not auto-joined to confluence-users. Could be my fault because I don't remember re-applying this "fix".
I don't quite understand what I need to do after reading the last paragraph:
From Confluence 2.6, the directory structure WEB-INF/classes/com/atlassian/confluence/user no longer exists. The files and classes that used to exist here, now reside within the confluence-2.6.0.jar in WEB-INF/lib directory.
Any clarification on these instructions?
Dec 27, 2007
Partha Kamal says:
Phil, you only need to modify the file <Confluence-Install>/confluence/WEB...Phil, you only need to modify the file <Confluence-Install>/confluence/WEB-INF/classes/seraph-config.xml as per the instructions in the first 4 lines.
In order for the change to work you need the ConfluenceGroupJoiningAuthenticator.class which did not exist as part of the installation in confluence 2.2.
However from confluence 2.3 it comes standard with any confluence installation. Thus you do not need to worry about it.
The last instructions simply state that from 2.6 this class comes bundled in a jar file, i.e. hidden away from view. This was added in case someone decided to look for it in the file system and fail to find it.
Jan 14, 2008
Anonymous says:
I'm evaluating Confluence 2.6.2 for our organisation. I can't seem to get this ...I'm evaluating Confluence 2.6.2 for our organisation.
I can't seem to get this working, nor can I add LDAP users to the confluence-users group manually.
I can add them to other confluence-based groups, but not to confluence-users or confluence-administrators.
The dynamic LDAP plug in did not work either.
Am I missing something simple here?
Jan 14, 2008
Anonymous says:
I've discovered a work around for this: Delete the confluence-users group, and t...I've discovered a work around for this:
Delete the confluence-users group, and then re-create it.
Same for confluence-administrators.
Ensure that you still have a user with access and admin rights outside these groups first.
Afterwards, re-instate these groups with global access, and space access.
Manual + Auto add into confluence-users now works.
Feb 20, 2008
Alex Gregory says:
How does this work in 2.7? In 2.6 I created the "users" directory in the j...How does this work in 2.7? In 2.6 I created the "users" directory in the jar output and popped the class file in the users directory I had to creat and recompressed the jar file. Now the directory and file exist already. Its been a while so maybe I am rusty. How do you do this in 2.7 if the class file and directory already exist but the {{seraph-config.xml file does not exist to edit? Better yet, what are the paths and files that need to be edited in 2.7?
}}
Feb 21, 2008
Ming Giet Chong says:
Hi Alex, From Confluence version 2.6 onwards, the files and classes are reside ...Hi Alex,
From Confluence version 2.6 onwards, the files and classes are reside in the WEB-INF\lib\confluence-2.x.x.jar file. Thus, you just need to change the authenticator tag in the <Confluence-Install>/confluence/WEB-INF/classes/seraph-config.xml file as described in this page.
Hope this information helps.
Regards,
MG
Feb 21, 2008
Andy Brook says:
Anyone figure out how to achieve this result through CROWD? I think you'd be us...Anyone figure out how to achieve this result through CROWD? I think you'd be using a CROWD authenticator so you cant use this class. I've never had a satisfactory answer. Adding every user in AD to an AD group 'confluence-users' is just way to frought, Id like to handle it without AD changes.
Anyone been there done that?
Feb 22, 2008
Choy Li Tham says:
Hi Andy, I would suggest you to post your queries to our forum or mailing list....Hi Andy,
I would suggest you to post your queries to our forum or mailing list. From there, others developer/user who have experience in CROWD should be able to share their idea with you.
Regards,
Choy Li
Mar 26, 2008
Jay Hariani says:
Andy - Were you able to determine a way to solve this in Crowd? I'm facing the s...Andy - Were you able to determine a way to solve this in Crowd? I'm facing the same issue - large AD with no way to easily add everyone to confluence-users. We are using both Confluence & Crowd. Thanks!
Mar 27, 2008
Andy Brook says:
Not as yet, I opened CWD-770 but its not scheduled. If I can get 1.3 doing pass...Not as yet, I opened CWD-770 but its not scheduled. If I can get 1.3 doing pass-through authentication to AD there may be scope to fix this myself, but I currently have problems with seeming disparate encryption algorithms between internal and AD directories. I need to be able to fix this for both Confluence and Jira.
Its such a useful way to cull administrative overhead I'm surprised it isn't there already. In Confluences case, without CROWD, it works fine, with CROWD, it introduces overhead, which was I thought what CROWD was targeted at reducing, strange!
Vote for CWD-770!
If I manage to figure out a way to do this I will post here.
Andy.
Mar 27, 2008
Jay Hariani says:
I voted for 770. We were able to get 1.3.1 doing pass through fairly easily with...I voted for 770. We were able to get 1.3.1 doing pass through fairly easily with the delegated authentication directory connected to our LDAP server (which is just an AD domain controller). If you are able to get it working, and figure out a way to get Crowd to add custom groups, please let me know. Thanks!
Mar 27, 2008
Nate Nash says:
Voted and added a possible addition. This would be vastly helpful for dealing wi...Voted and added a possible addition. This would be vastly helpful for dealing with our 17k users.
Apr 14
Dave O'Flynn says:
Andy, The forthcoming Crowd 1.4 will provide one way to achieve this. It suppor...Andy,
The forthcoming Crowd 1.4 will provide one way to achieve this. It supports nested groups, or groups-that-contain-groups.
You can create a confluence-users group that contains the main local group(s) you actively manage.
Once we get 1.4 out into the world, we'll be in a much better position to attack issues like workflow requirements such as automatic user addition to groups and similar. But I would encourage folk to vote for CWD-770 to make sure we appreciate how important it is to you
Cheers,
Dave.
Feb 21, 2008
Royce Wong says:
I tested this with Confluence 2.7.1 and it works. I have a question though. I a...I tested this with Confluence 2.7.1 and it works.
I have a question though. I am using atlassian-user.xml to integrate with LDAP. I can see all my local and LDAP groups in Administration->Manage Groups. I click on a LDAP group and it shows its members. However, when I click on a member in that LDAP group, the use profile page says:
I then click on "Edit Groups", but the "Not a member of groups" list only shows local groups.
Why is that? Is it because I don't have dynamic group setup correctly?
Another question is: In Global Permission, I added a LDAP group and set it to the same permission as Confluence-users, however, users in that LDAP group couldn't log into Confluence. I got "You are not permitted to perform this operation." on the screen. It looked like the user got pass LDAP password auth. but unable to access Confluence's content. Why?
Feb 26, 2008
Anonymous says:
Did you ever get an answer to this ? We are having the same problem wastin...Did you ever get an answer to this ? We are having the same problem wasting yet another day trying to make Confluence do what it is supposed to.
Feb 27, 2008
Royce Wong says:
Right now, it seems like my LDAP's group to users relationiship is not right. ...Right now, it seems like my LDAP's group to users relationiship is not right.
I filed a support ticket: https://support.atlassian.com/browse/CSP-16079
I am curious, can someone got this working make a post here?
Feb 27, 2008
Choy Li Tham says:
Hi Royce, I understand that you need to solve the problem as soon as possible. ...Hi Royce,
I understand that you need to solve the problem as soon as possible. However, we will need more information to further investigate this issue. Hence, it would be appreciated that if you could follow up the issue from the CSP-16079 and the support engineer will help you to verify the problem from there.
Regards,
Choy Li
Apr 29
Peter R. says:
Hopefully a crazy question but would there be any issues with using this under v...Hopefully a crazy question but would there be any issues with using this under v2.5.4 in a clustered environment? It'd been working great in our single node but we're now having serious group membership issues in a two node cluster. CSP-18178 (Atlassian only, sorry). Thanks.
May 02
Mei Yan Chan says:
Hi Peter, This authentication method can also be used in a clustered environmen...Hi Peter,
This authentication method can also be used in a clustered environment. If you have problems configuring it, please raise a support ticket at:
Regards,
Mei