org.forgerock / org.forgerock.openam

Name	Last Update	Last Commit 7c24d199 – CR-1169; Fix for AME-307, as a writer, I want t... History
..
src/main/java/org/forgerock/openam/extensions/crowd	Loading commit data...
README-Confluence4.txt	Loading commit data...
README-JIRA5.txt	Loading commit data...
pom.xml	Loading commit data...

README-Confluence4.txt

To allow for SSO in Confluence 4.x using OpenAM follow the following steps:

Copy the OpenAM client sdk to $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/lib/
Create an AMConfig.properties to $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/classes/ (or somewhere in the classpath) NOTE: you can find a template on: https://svn.forgerock.org/openam/trunk/opensso/products/amserver/clientsdk/resources/AMClient.properties but be aware that you have to rename the file to AMConfig.properties.
Copy this projects jar to $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/lib/

Edit $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/classes/seraph-config.xml:

1) Replace the following lines with the given values:

login.url
http://yourlogin.yourdomain.com/openam/UI/Login?goto=${originalurl}

link.login.url
http://yourlogin.yourdomain.com/openam/UI/Login?goto=${originalurl}

!! NOTE !!
Due to issue https://jira.atlassian.com/browse/CONF-4931 there is no need to provide a logout URL, since Confluence won't pick it up. See steps below to configure the logout URL.

2) Comment out this line:

3) Add this line:

Providing Single Log Out
As registered in issue https://jira.atlassian.com/browse/CONF-4931 the Seraph logout.url property will have no effect if it's defined.
Although this hampers Single Log Out functionality there is a workaround availabe and described in the same issue (https://jira.atlassian.com/browse/CONF-4931).
In short you will have to follow these steps to fix SLO:

1) Extract the xwork.xml file from the $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/lib/confluence-4.x.x.jar:
(e.g.: jar xvf $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/lib/confluence-4.x.x.jar xwork.xml)

2) Edit the following section in the xwork.xml file to provide the logout URL:
...

/logout.vm
http://yourlogin.yourdomain.com/openam/UI/Logout

...

3) Copy the modified xwork.xml file to $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/classes/
Note that the modified xwork.xml file will take precedence on the bundled xwork.xml file.

Restart Confluence for the changes to take effect.
No newline at end of file