Confluence preparation
Configuring the Authenticator
The following files should be placed in TOMCAT_HOME/kerberos for WAR-installations, /opt/atlassian/confluence/kerberos for Linux- installations and c:\Program Files\Atlassian\Confluence\kerberos for Windows installations. When creating this directory ensure that confluence's java process has access to the directory contents.
authenticator.properties
This file should reflect the user you made for Confluence into the Active Directory.
|
jaas.config
|
krb5.config
You should change "domain.com" from these examples to reflect the name of your Windows Domain.
|
Installing the extension to Confluence
Install Integrated Windows Authentication App
Install Integrated Windows Authentication App from the Apps Manager or download from the Atlassian Marketplace Also generate an evaluation license and copy paste in place.
Install Apache Commons network library
Apache commons networking library is needed for the features of this authenticator. In this case copy the commons-net.3.0.1.jar into confluence/WEB-INF/lib. Downloadable library jar can be found here, http://search.maven.org/#browse%7C1683288677
Install the authenticator jar
Copy the iwac-lib-x.y.z.jar into confluence/WEB-INF/lib. This can be downloaded from Polar Shift's download server:
- for Confluence 5.x versions download iwac-lib-1.x version
Configure Confluence to use the Integrated Windows Authenticator
Edit confluence/WEB-INF/classes/seraph-config.xml.
|
Java 11 compatibility
For Java 11 an extra property needs to be added to confluence/bin/setenv.sh or confluence/bin/setenv.bat file:
|
Configuring Confluence
Confluence User Directory
If you have not done it yeat, setup a Directory connection.
Access Control
In Confluence's Administration Console (web UI) you can find Global Permissions under the Security section. Here you can add usage permissions to AD users and groups made in AD preparation.
Log files
IWAC makes log entries via Confluence's own logger. Logs can be found in your installations home-/data-directory in logs/atlassian-confluence.log.
Log level can be set via Confluence's Administration Console and Logging and Profiling . Just add new entry for fi.polarshift.confluenceand set desired level. On DEBUG level authenticator generates a lot of log entries. DEBUG level in not recommended for long time use.