Online Help

SafeNet Trusted Access for Confluence

Overview

Configuring SafeNet Trusted Access for Confluence is a three-step process:

1.Confluence setup

2.SafeNet Trusted Access setup

3.Verify Authentication

Confluence Setup

As prerequisites,

Download the Identity Provider metadata from the SafeNet Trusted Access console by clicking on the Download metadata file button. You will need this metadata in one of the steps below.

Download the SAML single sign-on plugin from Atlassian to delegate user authentication from Confluence to the SAML Identity Provider. The SAML single sign-on plugin can be downloaded using the following URL:

https://marketplace.atlassian.com/plugins/com.resolution.atlasplugins.samlsso.Confluence

Further, you need to perform the following steps to install the SAML single sign-on plugin:

1.Log in to Confluence as an administrator.

2.On the Confluence Dashboard, click Confluence Administration > Add-ons.

3.On the Administrator Access window, enter the administrator password, and then click Confirm.

4.On the Confluence Administration window, in the left pane, click Manage add-ons, and then in the right pane, click Upload add-on.

5.On the Upload add-on window, click Choose File to search and select the SAML sign-on add-on JAR file, and then click Upload.

6.After the add-on is successfully installed, a confirmation message is displayed. Click Close.

7.On the Confluence Administration window, in the left pane, click Manage add-ons.

8.In the right pane, under User-installed add-ons, expand SAML SingleSignOn for Confluence, and then click Configure.

9.A wizard opens that enables you to connect your Identity Provider (IdP) to the Confluence installation. Click Add new IdP.

10.On the Choose your SAML Identity Provider window, complete the following steps:

a. In the IdP Type field, select Import Metadata from XML.

b.In the Name field, enter a name for the IdP (for example, IdP).

c.Click Next.

11.On the Import SAML IdP Metadata window, perform the following steps:

a.Click Load File to search and select the Identity Provider metadata that you downloaded earlier from the SafeNet Trusted Access console.

b.Click Import.

c.Click Next.

12.Click Next.

13.Click Save & Next.

14.On the Identity provider configuration window, click on the URL given next to the Metadata URL field to open the Confluence metadata. Save the metadata on your local machine and then click Next.

15.On the Test your settings window, click Skip test and configure manually.

16.Click OK. The wizard will be closed.

17.On the SAML SingleSignOn Plugin Configuration window, perform the following steps:

a.In the left pane, click Redirection.

b.In the right pane, select the Enable SSO Redirect check box.

c.Click Save settings.

SafeNet Trusted Access Setup

After completing the first step of configuring SafeNet Trusted Access in Confluence, the second step is to activate the Confluence application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, you will notice that the Confluence application that you added previously is currently in inactive state by default. To configure and activate this application, click the application (for example, Confluence) and proceed to the next step.

2.Under STA Setup, click Upload Confluence Metadata.

3.On the Metadata upload window, click Browse to search and select the Confluence metadata that you downloaded earlier in step 14 of Confluence Setup.

Under Account Details, the service provider metadata information is displayed.

4.Under Advanced Settings, in the IDP INITIATED SSO RELAY STATE field, enter the relay state value if your application requires a unique relay state (this is a URL in Confluence to which you will be redirected after successful login).

For rest of the fields, modify the default values as per your preferred configuration.

5.Click Save Configuration to save the details and activate the Confluence application in SafeNet Trusted Access.

Verify Authentication

Using STA Console

Navigate to the Confluence login URL, http://<Domain Name or IP Address>:<Port>/plugins/servlet/samlsso, where, <Domain Name or IP Address> is the domain name or IP address that you entered while deploying Confluence on your local machine. You will be redirected to the SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the Confluence user portal after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click on the Confluence application icon, you should be redirected to the Confluence user portal after authentication.

 

© 2018 SafeNet Trusted Access. Various trademarks held by their respective owners.