Wednesday, March 8, 2017

Integrate OpenAM 13.5 with Atlassian Jira 7.3 - Part 2

So I dumped OpenAM ClientSDK and decided to go the RESTful way. It turns out to be fairly easy.


  1. Single Sign-on Integration with the Atlassian stack
  2. HTTP authentication with Seraph
  3. Sample code - 

Step 1: Extend OpenAMAuthenticator from JiraSeraphAuthenticator

I took reference from

In public Principal getUser(HttpServletRequest request, HttpServletResponse response), there is this line that attempts to retrieve a user name.

String username = obtainUsername(request);

I removed all other methods in the class and replace the method obtainUsername(HttpServletRequest request) with the following:

Step 2: Copy JSON library (json-20090211.jar) to JIRA library directory
(As we are using RESTful calls to OpenAM to validate user's session, the response from OpenAM is in JSON format. Thus the need for the JSON library)

[azlabs@sg-jira ~]$ cp json-20090211.jar /appl/jira/jira/atlassian-jira/WEB-INF/lib/

Step 3: Extend
(If this is not configured, the logging will not be output to JIRA logging system - catalina.out)

[azlabs@sg-jira classes]$ vi
< = INFO, console, filelog
< = false

Step 4: Edit seraph-config.xml to redirect to OpenAM Login/Logout pages

(This is where the iPlanetDirectoryPro cookie will be generated on user's browser after OpenAM Login authentication)

[azlabs@sg-jira ~]$ cd /appl/jira/jira/atlassian-jira/WEB-INF/classes
[azlabs@sg-jira classes]$ cp seraph-config.xml seraph-config.xml.20170308
[azlabs@sg-jira classes]$ vi seraph-config.xml

Step 5: Hide default Login gadget from JIRA login page
(The SSO with OpenAM only happens when a user clicks on the Login hyperlink. Keying in user name and password via the Login gadget should be removed to avoid confusion)

[azlabs@sg-jira ~]$ cd /appl/jira/jira-home
[azlabs@sg-jira jira-home]$ touch

Step 6: Restart JIRA

We are done!



  1. Hello,

    I didnt understand your Json request.
    How did you call it, please?

    I have the same issue in how to communicate Jira and OpenAM.

    Thank you

  2. Hi, please, where did you get HttpPostConnection from? Which library should i import to be able to use it this way? Thanks. Petr