Setting your Browser Options for Automatic Login

If your browser and web applications support automatic login, you will be able to log in to your desktop computer, your intranet and the relevant web applications without being asked to log in again. Automatic login is also called pass-through sign-on, pass-through authentication, and sometimes single sign-on (SSO).

This page tells you how to set the options in your web browser (Internet Explorer or Firefox) to enable automatic login to Confluence. This will make it much more pleasant to use the Confluence SharePoint Connector.

What happens if you do not configure your browser as described below? You will keep getting the standard browser login popup each time you access Confluence. The popup looks like this:

Screenshot: Login dialogue from Internet Explorer

Setting up Internet Explorer

Set your options as follows for IE 6, 7 and 8.

1. Ensure that your SharePoint site(s) and Confluence site are included in the list of 'Local Intranet' sites.
   • Open Internet Explorer's 'Tools' menu and select 'Internet Options'.
   • Click the 'Security' tab.
   • Select the 'Local intranet' zone.
   • Click 'Sites'.
     Screenshot: Selecting Internet Explorer options
     
     
     
   • Click 'Advanced'.
   • Check the list of 'Websites' displayed.
     Screenshot: Configuring local intranet settings
     
     
     
   • If not already present, enter the web address (URL) of your SharePoint site(s) and your Confluence site into the textbox titled 'Add this website to the zone' and click 'Add' to add each address.
   • Click 'Close' to close the window showing the list of websites.
   • Click 'OK'.
     
     
2. Set automatic login in the intranet zone. If you are currently logged in with an Active Directory account, you will be automatically logged into SharePoint and Confluence.
   • On the 'Security' tab, make sure the 'Local intranet' zone is still selected and click 'Custom level'.
     Screenshot: Selecting custom intranet settings
     
     
     
   • Scroll down to the 'User Authentication' section (near the bottom of the list) and select the 'Automatic logon only in Intranet Zone' option.
     Screenshot: Choosing automatic 'log on' settings
     
     
     
3. Set the option to access data sources across domains. This will prevent a warning message from appearing when the browser attempts to log in to Confluence.

   Please check with your system administrator that this setting is acceptable for your environment

   Setting this option may increase the susceptibility of your browser to XSS (cross-site scripting) attacks within the local intranet zone. This should be fine if your intranet is accessible to trusted users only.

   • Scroll up to the 'Miscellaneous' section (about half way down) and select 'Enable' under to 'Access data sources across domains'.
     Screenshot: Enabling data source access across domains
     
     
     
   • Click 'OK'.
     
     
4. Close all your Internet Explorer tabs and windows, and start Internet Explorer again, to ensure that the new settings take effect.

Setting up Firefox 3.x

Follow the steps below to configure automatic login in Firefox 3.x.

1. Open Firefox.
2. Type 'about:config' into your Firefox address bar.
3. When prompted, click 'I'll be careful, I promise'.
4. Find the following 'Preference Name': network.automatic-ntlm-auth.trusted-uris.
5. Right-click it and select 'Modify'.
6. The 'Enter string value' dialogue box will appear. Type the URL of your Confluence site and the URL(s) of your SharePoint sites, separated by commas. For example:

   http://confluence.mycompany.com,http://sharepoint-url
   

   Another example:

   http://mycompany.com:8080/confluence,http://sharepoint-url-1,http://sharepoint-url-2
   

   Replace the one or more sharepoint-url-x values with the addresses of the SharePoint site(s) hosting the Confluence web parts.
7. Click 'OK'.

Administrators may find this Mozilla Firefox documentation useful: Deploying Firefox – Centralized Settings Management and Control.

Setting up Firefox 2.0

This procedure will relax your Firefox security quite a bit. Firefox will no longer pop up a security dialogue when a cross-domain AJAX call is made. If you wish, you can set up a separate profile in Firefox to use to verify your configuration before using it with your usual profile. Please refer to the Firefox documentation for more information on managing profiles.

Follow the steps below to configure automatic login in Firefox 2.0.

1. Close all your Firefox tabs and windows. The setup procedure will not work if Firefox is open, because Firefox will overwrite the changes you make to the prefs.js file.
2. Find your prefs.js file.
   • In Windows, it is typically located in the following location:
     C:\Documents and Settings\<YOUR_USERNAME>\ApplicationData\Mozilla\Firefox\Profiles\<YOUR_TEST_USER_PROFILE_ID>\prefs.js
   • In Mac OS, it is typically located at:
     /Users/<YOUR_USERNAME>/Library/Application Support/Firefox/Profiles/<YOUR_TEST_USER_PROFILE_ID>/prefs.js
3. Open the file for editing and add the following lines:

   user_pref("capability.policy.confluence.XMLHttpRequest.open", "allAccess");
   user_pref("capability.policy.confluence.sites", "http://<sharepoint url 1> http://<sharepoint url 2> http://<sharepoint url n...> ");
   user_pref("capability.policy.policynames", "confluence");
   

   Replace the one or more <sharepoint url> values with the addresses of the SharePoint site(s) hosting the Confluence web parts. Please leave a space after the setting.
4. Save the prefs.js file.
5. Restart Firefox.

Setting the <sharepoint url> value(s) will limit Firefox to opening XMLHttp request FROM pages hosted by the respective SharePoint sites.