Excerpt | ||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||
CaveatsSupported PlatformsDue to the complex nature of this configuration, Atlassian is only able to provide support if your configuration satisfies these additional conditions:
Additional DependenciesUsing this configuration adds a number of additional dependencies to Confluence, which you should review. Custom Seraph AuthenticatorThis configuration requires the use of a specialized Seraph authenticator for Confluence. Install and configure this component on the server that host Confluence. If you are already using a different custom Seraph authenticator, you may not be able to use this configuration. In this situation, you must either choose a different configuration for the SharePoint Connector or consider developing a new custom Seraph authenticator that aggregates the functionality of both.
Custom ISAPI FilterThis configuration requires the use of a custom ISAPI filter for IIS that can communicate using AJP. Install and configure this component on the server that has IIS installed. Atlassian will only support the use of the open source Tomcat Connector provided by the Apache Tomcat project.
Anonymous Access DisabledDue to limitations with the custom Seraph authenticator that Confluence requires for this configuration, it is not possible to set up anonymous access for Confluence when using this configuration. Atlassian is currently reviewing the suitability of using the third-party NTLM Authenticator for Confluence instead. Known issuesThese are some reported problems with this configuration:
Assumptions
Installation InstructionsStep 1. Configure Confluence for LDAP User Management
Set up your Confluence server to synchronize its user repository with your Windows Active Directory domain. See the Confluence documentation on LDAP user management. Step 2. Configure IISThis and following steps guide you through the configuration required to use IIS as an NTLM authenticator for Confluence. NTLM is an authentication format developed by Microsoft. While some third-party implementations are available, IIS provides the most robust and full-featured NTLM authentication support. Summary of this configuration:
Please follow the guide below that matches the version of your Windows Server:
Step 3. Configure Confluence for Integrated Windows AuthenticationThis section of the guide describes the steps necessary to configure Confluence to co-operate with the IIS Web Server. Throughout this section, ' Step 3.1: Set Confluence Path
Step 3.2: Add AJP ConnectorNow you will change Tomcat's configuration, replacing the standard Coyote HTTP connector (which allows Tomcat to send and receive HTTP traffic) with a custom AJP connector (which allows Tomcat to communicate using Apache JServ Protocol).
Step 3.3: Add Custom Authenticator
Step 3.4: Modify Base URLThe final step in configuring Confluence is to modify the Server Base URL to point to the IIS web site, rather than directly to Confluence. This ensures that any hyperlinks generated within Confluence pages will direct users through the IIS website. For example, if your Tomcat server runs Confluence on http://intranet.company.com:8080/confluence and the IIS web site runs on http://intranet.company.com, then the Confluence Base URL needs to be changed to http://intranet.company.com/confluence. See the Confluence documentation for instructions on modifying the Base URL. Step 4. Set Client Browser OptionsIn order for users to be automatically logged in to Confluence without being prompted for their username and password, the browser must be correctly configured for pass-through authentication. Please instruct all users to ensure that the recommended browser settings are applied. |
Info | ||
---|---|---|
| ||
The content of this page is hidden from view. To see it, edit the page or view the wiki markup. |
See Access Confluence using Integrated Windows Authentication via IIS with SP 2007 and Access Confluence using Integrated Windows Authentication via IIS with SP 2010.