SU incompatibility with Crowd SSO

Due to some recent changes to Confluence’s ConfluenceCrowdSSOAuthenticator (which is used as part of Crowd SSO integration with Confluence) SU user sessions are being closed almost immediately as the ConfluenceCrowdSSOAuthenticator re-authenticates the session as the original user. The outcome is that Switching to a new User via SU has the appearance of navigating to the Dashboard page whilst remaining as the same user.

Environment

Confluence 7.13.20 +, 7.19.15, 8.5.2

Crowd

Replication

Create an instance of Confluence 7.13.20 and an instance of Crowd and configure Crowd SSO as per the following documentation:

• https://confluence.atlassian.com/crowd/crowd-sso-2-0-967322291.html

With SSO configured and the ConfluenceCrowdSSOAuthenticator enabled in the seraph-config.xml file, install SU for Confluence and attempt to SU to any user.

Primary (non public) Atlassian Support Cases:

• https://support.atlassian.com/requests/PSSRV-90248/

• https://support.atlassian.com/requests/CSP-321145

Atlassian Devloper Ticket:

• https://ecosystem.atlassian.net/servicedesk/customer/portal/34/ECOHELP-29204

Resolution

Issue has been resolved and a fix has been released in the following versions:

• SU for Confluence v2.5.7 for Confluence 7.x

• SU for Confluence v3.0.5.1 for Confluence 8.5.x

• SU for confluence v3.0.6 for Confluence 8.6.x