Versions Compared

Old Version 2

changes.mady.by.user Laas Toom

Saved on

compared with

New Version Current

changes.mady.by.user Laas Toom

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

And there select the group name from the list that all users belong to who need access. For GÉANT 4 Phase 1 that was named GN4-1_PP (as in Project Participants).

 

Image RemovedImage Added

 

SAML login

Installing SAML plugin

SAML login is based on SAML 2.0 Single Sign-On for Jira plugin by Bitium, Inc. Search for it in the marketplace and install it.

 

Image RemovedImage Added

 

At the time of writing the plugin is at version v 1.0.3 which does not have all patches created during GN4 phase 1, but the essentials to allow federated login.

...

 

Code Block
Login URL: https://login.terena.org/wayf/saml2/idp/SSOService.php
UID Attribute: TAL:federated_user_id
X.509 Certificate:
-----BEGIN CERTIFICATE-----
MIICGTCCAYICCQCTYS2pMIdaaDANBgkqhkiG9w0BAQUFADBRMQswCQYDVQQGEwJOTDELMAkGA1UECBMCTkgxEjAQBgNVBAcTCUFtc3RlcmRhbTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTEwMDkwMTE4NTMyMFoXDTM4MDExNjE4NTMyMFowUTELMAkGA1UEBhMCTkwxCzAJBgNVBAgTAk5IMRIwEAYDVQQHEwlBbXN0ZXJkYW0xITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvhzp9Tk7zQC+q5cpS36FMaaX3uQp6Sksnh+EnFtKFKeR4lKPmmgCSmVZkFdkgd7cE/vfFBInrQdb2rvLZrICdQbyLDuhQJUyqZHK52nbtP5FNcRN7V9LjpBB3CsUznenQoJLrpdPogSMDlSPjeLTaeB697EdZTt7IAmWDQmWWb8CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAbKXFszQd2En/pqaxHWPISCqcpPfAxXXm7PNZ+sem6TYbtJuY7V68T1izuvax10FFgXBoltLKTg9IOdou6ZO+g5JrdMq1sOCQL/kILdmaIUZjm/hIeoygbwN3I0LhoxZbJqgWT5+gLtb+7JGRmbs8WE/3/Wm5i17ITMxptGjZQnQ==
-----END CERTIFICATE-----

Entity ID: https://login.terena.org/wayf/saml2/idp/metadata.php
Default Group for Auto-created Users: jira-software-users

 

 

Image RemovedImage Added

 

 

Note

IMPORTANT: Do not check Force SSO login nor Auto-create User. This allows login from local users too and will authorize only those users that exist in the Grouper LDAP. The default group is set just in case, as autocreated admin users are not that good idea.

 

...