Configure EasySSO

Custom authentication is used when a reverse proxy or external appliance performs the authentication and passes the user identity to Atlassian application via a value of HTTP header or some custom code running inside the application sets the value of request attribute. See EASYSSO WITH HEADERS for more details.

To start using custom authentication

  1. Click the EasySSO link under "TechTime Add-Ons" section usually located in the left panel of the Admin screen.

  2. Click "Headers" to configure headers-based authenticator

Configure the following parameters:

  1. Type: select Header or Attribute from the drop down box
  2. Name: enter the name of the header or attribute
  3. Check the Get Username checkbox if you want the value of the header or attribute to be used as the user identity during SSO
  4. Check disable NTLM/Kerberos if the presence of the header or the attribute should disable NTLM/Kerberos authenticator.
  5. IP FIlter: enter whitelist values for clients that are trusted to supply header values, as a comma-separated IP addresses, IP ranges x.x.x.x-y.y.y.y, or networks CIDR notation
  6. If you have additional headers or attributes you wish to inspect click on the plus under Type and repeat steps 1 - 6 until all required rules for the attributes and headers are set up (consider a use case when a header should stop NTLM/Kerberos, but needs to be pre-processed first by the custom code, so the real identity will be set via attribute – see EASYSSO WITH HEADERS for more details)
  7. Click Save.




Other Documents

Purchase from the Marketplace

EasySSO for JIRA, Confluence, Bamboo, Bitbucket and Fisheye/Crucible