Skip to main content
Skip table of contents

Frequently Asked Questions (FAQ)

This is the Frequently Asked Question (FAQ) page.

This page will be updated as sfrequently as possible.

Table of Contents

Usage

QuestionAnswer
What Atlassian products does this integrate with?
  1. JIRA
  2. Confluence
  3. Bamboo
  4. Stash
  5. Crowd

Please view the Version Matrix to find out the exact version of the Atlassian tools we support. Users can integrate one or multiple applications to the solution. Users can also integrate multiple of the same application to the solution.

Who can use this solution?Not only can this solution be deployed in governmental organizations, this solution can also be installed into organizations that use smart cards with client certificates in it to achieve the same result.
What platform does the solution support?

As SSO is a server-side based application, the client platform does not affect how SSO works. As long as the client uses an Atlassian supported web browser such as Chrome, Firefox, IE and Safari, then SSO will work.

On the server side, we have tested the setup using Apache 2.2 running on RedHat / CentOS

Your administrator confirms that the installation is successful and should work as intended. However, you still cannot login into the supported applications

Please try to clear your browsers cache including it's cookies

Instead of specifiying the username in the configuration, I want to authenticate users based on email addressThis is possible. The client-cert.properties allows you to change the configuration to search for users using an email address instead of using and regexing the value


top

Installation

QuestionAnswer
What is the prerequisite for installing the solution?
  1. Goldfinger Holdings does require users to have a functional web server (e.g. Apache or IIS or nginx) that is already tied with SSL before the installation progress can proceed
  2. Please review the Version Matrix for the supported platforms
Which application does user, group and membership management?

There are two options here.

  1. Crowd
  2. LDAP/AD

Users are encouraged to let Crowd or LDAP/AD manage users, groups and membership

How do I redirect user to my SSO page?There are the params to change in seraph-config.xml
  • login.url
  • link.login.url
  • logout.url
How do I disable the login gadget for JIRA?

There is a tag to change in $JIRA_HOME/atlassian-jira/WEB-INF/classes/jpm.xml

XML 
        <property>
            <key>jira.disable.login.gadget</key>
            <default-value>false</default-value>
            <type>boolean</type>
            <admin-editable>false</admin-editable>
            <sysadmin-editable>false</sysadmin-editable>
        </property>

Change the default-value from false to true

How to I regex the username of an email?

There are instances where the username of the user in the application is the username in the email address. This is used especially if you want to get the username from the SSL_CLIENT_SAN_OTHER_msUPN_n or msUPN (e.g. SSL_CLIENT_SAN_OTHER_msUPN_0) attribute.

Example:

The regex that you can use to get 1234567890 is:

  • Regex Pattern: ^(?!.*?[._-]{2})[a-zA-Z0-9._-]+(?=@)
  • Group: 0
How do I set the logging level to debug?

You can set the logging level to DEBUG (or others) by following this guide.

The package that you should use is com.go2group and the level to set is DEBUG.

How do I enable checking on certain URLs only?

Here is an example in Apache:

CODE 
<IfModule mod_headers.c>
    <If "%{THE_REQUEST} <your_does_not_match_condition>>
        RequestHeader set cca_ignore_header "true"
    </If>
</IfModule>

If this header exists and it is true, the add-on will not process its business logic. So:

CODE 
<If "%{REQUEST_URI} !~ m#/bitbucket/login#">
    RequestHeader set cca_ignore_header true
</If>
<Else>
    SSLVerifyClient optional
    SSLVerifyDepth  3
    SSLOptions +StdEnvVars +ExportCertData
    RequestHeader set SSL_CLIENT_S_DN    ""
    RequestHeader set PROXY_SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}e"
    RequestHeader set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"
</Else>


top

Troubleshooting

QuestionAnswer
Need more logging?
  1. For JIRA
    1. Turn the logging level to DEBUG (https://confluence.atlassian.com/display/JIRA/Logging+and+Profiling)
    2. Aim the logging package to com.go2group.cca and com.Goldfinger Holdings.jira
  2. For Confluence:
    1. Turn the logging level to DEBUG (https://confluence.atlassian.com/display/DOC/Configuring+Logging)
    2. Aim the logging package to com.go2group.cca and com.Goldfinger Holdings.confluence
  3. For Stash (Not available at the moment; Tracked at CCA-59)
  4. For Bamboo
    1. Turn the logging level to DEBUG (https://confluence.atlassian.com/display/BAMBOO/Logging+in+Bamboo)
    2. Aim the logging package to com.go2group.cca and com.Goldfinger Holdings.bamboo
To disable the app from via the database
CODE 
select propertystring.id, propertyentry.property_key, propertystring.propertyvalue 
from propertyentry, propertystring where propertyentry.id = propertystring.id 
and propertyentry.property_key like 'com.go2group%';

From the resultant SQL query, change the value from true  to false  where the propertyentry.property_key is com.go2group.ccaj.ccaconfig.cca.enabled.


top

Pricing and Licensing

QuestionAnswer
What is the price for the solution?Please refer to the Tiers, Pricing & Examples page to understand how much you have to pay for the license
How long is the licensee valid for?

The license generated is based on the number of years purchased

At the end of the of the license, the product will cease to function

What kind of licensing model does this solution use?The licensing model which is used is a subscription based. Licenses are required to be renewed before it expires
Is there a trial license?Yes. Goldfinger Holdings will provide trial licenses for users that wish to test the solution in their environment before making the purchase.


top


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close