SSO Authenticator for AD/ADFS/LDAP and Atlassian Servers (via Kerberos)
Single sign-on authenticator for Active Directory/Active Directory Federation Service/LDAP, including full support for Confluence, JIRA, Bitbucket Server (formerly Stash), Crowd, Bamboo, FishEye, Crucible, SVN
Atlassian applications (Confluence, JIRA, Crowd, Fisheye, etc..) have no out-of-the-box support for single sign-on in an Active Directory environment.
What is NTLM and Kerberos in the first place?
The table below describes these Microsoft technologies in quick terms. We'll resort to Wikipedia for the official definitions to get you up to speed quickly (or to confuse more. Hmm.)
In short, SSO authentication protocols that work within MS Active Directory/Windows environments:
Meant for Win9X, NT 3.51
Libraries available in deprecated version of open source JCIFS
IE and Windows only, very crackable, susceptible to man-in-the-middle attacks, chatty on network
Meant for NT 4.0 SP4
More secure than NTLMv1.
Default authentication for Active Directory
Client machine must be joined to domain
Our Recommended Solution
AppFusions currently supports deployments to with:
- FishEye/Crucible (per repository permissions not supported)
- Crowd (SSO for the admin accts to Crowd - not distributed amongst connected applications)
- SVN (not an Atlassian product, but still)
Client applications that call Atlassian web services protected by custom Integrated Windows Authentication plugin need to authenticate with IWA, as well as use the token obtained by passing in username and password to login method.
Please email us and lets get you going!