Problem

This documentation covers the troubleshooting of the following scenarios when SSO Crowd does not work after implementing proxy in your system:

1. SSO works before applying proxy. After applying proxy, SSO does not work however all application still work and users are able to log in to all applications.
2. After applying proxy, SSO does not work and users are not able to log in to an Atlassian Application (for example, to Confluence).

Scenario 1:

After applying proxy:

• Able to log in to Crowd and its applications
• SSO is not working

Possible cause and Diagnosis steps:

• The fact that users are able to log in to an application is an evident that the seraph-config.xml and the crowd.properties configuration are good.
• Issue would be the domain name settings from the UI level

Configuration needed to be checked:

• Check the domain name from Crowd Admin >  General > General Options 
  

• • SSO Domain should not be left empty
  • SSO Domain should comply with the guide stated in the following documentation:
    • Domain

Scenario 2:

After applying SSO, users are not able to log in to a configured Atlassian application.

Possible cause and Diagnosis steps:

• The fact that users are not able to log in to an application is an evident that seraph-config.xml and the crowd.properties configuration may not be correct.

Configuration needed to be checked:

1. Ensure that each Atlassian application's WEB-INF/classes/seraph-config.xml file is using the Crowd's com.atlassian.crowd authenticator class.
   • See step 2 of the following guide: 2.2 Enable SSO integration with Crowd (Optional)
     

2. In the crowd.properties file, make sure that the application URL from each application (such as Confluence/JIRA) is set to Crowd's IP address instead of Crowd's base URL

   • See step 4 of the following documentation 2.2 Enable SSO integration with Crowd (Optional)

Related documentation:

1. Debugging SSO in environments with Proxy Servers
2. Troubleshooting SSO with Crowd