Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Log into your FishEye as Admin.
  2. In the cog wheel menu, select Add-ons.
  3. In the GLOBAL SSO section, click Global SSO Settings.
    The Global SSO Configuration page opens. 
  4. Fill in the fields on this page. The field description is provided in the table below.


Note

If you entered wrong parameters, use a ''back door" functionality in order to avoid cyclic redirects and to access application bypassing SSO. To do this, add a GET parameter sso=off to the needed URL. Example: https://example.fecru.com/?sso=off.

Field description for the Global SSO Configuration page

Attribute

Description

Examples
Login URL

Identity provider (IDP) login page

  • https://adfs-test.com/adfs/ls/idpinitiatedsignon
  • https://aag0677.my.centrify.com/applogin/appKey/8980f085-4d24-48a7-a701-bb13c4e90b0f/customerId/AAG0677
Logout URL

Identity provider (IDP) logout page

  • https://aag0677.my.centrify.com/applogout
  • https://adfs-test.com/adfs/ls/?wa=wsignout1.0 
Time Expiry

Life length of SSO Token (cookie) for authentication in seconds. Default value is 14400 (4 hours).

Each application has two sessions – its own session and SSO session. When application's session expires, the user will be logged out from the application. When SSO session expires, the user will still be able to use this application but won't be able to log into another one without IDP re-authentication.

14400
Exclude paths

You can disable SSO from URLs which contain custom pieces of URL (semicolon separated values). 

By default Global SSO blocks REST API, so in order to allow for this, add an exclusion for the REST path ("/rest").

/redirect;/rest/usermanagement;/rest/api
Exclude IP addressesTo support deep linking between applications, specify a list of application's IP addresses for linking separated by semicolon.

...

You can test your SSO cookie by using the Test SSO button:

Related topics

SSO 3.X - Configuring Jira SSO app

...

Note

If you entered wrong parameters, use a ''back door" functionality in order to avoid cyclic redirects and to access application bypassing SSO. To do this, add a GET parameter sso=off to the needed URL. Example: https://example.fecru.com/?sso=off.

Field description for the Global SSO Configuration page

Attribute

Description

Examples
Login URL

Identity provider (IDP) login page

  • https://adfs-test.com/adfs/ls/idpinitiatedsignon
  • https://aag0677.my.centrify.com/applogin/appKey/8980f085-4d24-48a7-a701-bb13c4e90b0f/customerId/AAG0677
Logout URL

Identity provider (IDP) logout page

  • https://aag0677.my.centrify.com/applogout
  • https://adfs-test.com/adfs/ls/?wa=wsignout1.0 
Time Expiry

Life length of SSO Token (cookie) for authentication in seconds. Default value is 14400 (4 hours).

Each application has two sessions – its own session and SSO session. When application's session expires, the user will be logged out from the application. When SSO session expires, the user will still be able to use this application but won't be able to log into another one without IDP re-authentication.

14400
Exclude paths

You can disable SSO from URLs which contain custom pieces of URL (semicolon separated values). 

By default Global SSO blocks REST API, so in order to allow for this, add an exclusion for the REST path ("/rest").

/rest/usermanagement;/rest/api
Exclude IP addressesTo support deep linking between applications, specify a list of application's IP addresses for linking separated by semicolon.

...

You can test your SSO cookie by using the Test SSO button:

Related topics

SSO 3.X - Configuring Jira SSO app

...