README-Confluence4.txt
To allow for SSO in Confluence 4.x using OpenAM follow the following steps:
Copy the OpenAM client sdk to $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/lib/
Create an AMConfig.properties to $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/classes/ (or somewhere in the classpath) NOTE: you can find a template on: https://svn.forgerock.org/openam/trunk/opensso/products/amserver/clientsdk/resources/AMClient.properties but be aware that you have to rename the file to AMConfig.properties.
Copy this projects jar to $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/lib/
Edit $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/classes/seraph-config.xml:
1) Replace the following lines with the given values:
login.url
http://yourlogin.yourdomain.com/openam/UI/Login?goto=${originalurl}
link.login.url
http://yourlogin.yourdomain.com/openam/UI/Login?goto=${originalurl}
!! NOTE !!
Due to issue https://jira.atlassian.com/browse/CONF-4931 there is no need to provide a logout URL, since Confluence won't pick it up. See steps below to configure the logout URL.
2) Comment out this line:
3) Add this line:
Providing Single Log Out
As registered in issue https://jira.atlassian.com/browse/CONF-4931 the Seraph logout.url property will have no effect if it's defined.
Although this hampers Single Log Out functionality there is a workaround availabe and described in the same issue (https://jira.atlassian.com/browse/CONF-4931).
In short you will have to follow these steps to fix SLO:
1) Extract the xwork.xml file from the $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/lib/confluence-4.x.x.jar:
(e.g.: jar xvf $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/lib/confluence-4.x.x.jar xwork.xml)
2) Edit the following section in the xwork.xml file to provide the logout URL:
...
/logout.vm
http://yourlogin.yourdomain.com/openam/UI/Logout
...
3) Copy the modified xwork.xml file to $ATLASSIAN_CONFLUENCE_APPLICATION_DIR/confluence/WEB-INF/classes/
Note that the modified xwork.xml file will take precedence on the bundled xwork.xml file.
Restart Confluence for the changes to take effect.
No newline at end of file