Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

2024年7月

Table of Contents

...

Click the “SSO Configure” button in the “URANUS SSO” section to enter the plugin configuration steps.

2.5 Plugin Configuration

2.5.1 Okta or Auth2

...

Config with Atlassian Plugin

Note:This section is supported by Jira Confluence Bitbucket.

...

Select here whether to enable SSO login function.

2.

...

5.2 Saml Config with Jira Plugin

Note: that the current Saml protocol only supports use in Jira

...

SpEntityId: SP service, which is the entity ID of the current Jira application. Configure links such as:${baseUrl}/plugins/servlet/igsl/redirect/sso/samlLogin

spAcsUrl: After logging in to the IDM service, this interface will be called for authentication and automatic login. Configure links such as: ${baseUrl}/plugins/servlet/igsl/redirect/sso/samlAcs

spLogoutUrl: SP logout address, which will call IDP logout and then exit the Jira system. Configure links such as: ${baseUrl}/plugins/servlet/igsl/redirect/sso/samlLogout

spX509Cert: SP service refers to the certificate of the server where Jira is currently located.

...

Command to generate certificate and private key:

keytool -genkeypair -alias mykey -keyalg RSA -keystore keystore.jks

keytool -export -alias mykey -keystore keystore.jks -file mycertificate.cer

openssl x509 -in mycertificate.cer -out mycrt.crt

keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -srcstoretype JKS -deststoretype PKCS12

openssl pkcs12 -in keystore.p12 -nocerts -out private_key.pem -nodes

IdpEntityId: idp service entityId, this in metadata.xml. We will introduce it later in Keycloak.

...

Email Attribute: get saml fullname attribute. The bound is Jira's email.

Keycloak

...

Config

...

ADFS

...

Config

...

copy to adfs

...

copy to adfs

...

image-20241010-040907.png

image-20241010-040936.pngimage-20241010-041003.pngimage-20241010-041024.pngimage-20241010-041045.png

get idp xml

...