Authentication
- 1 Primary Authentication
- 1.1 Internal
- 1.2 LDAP
- 1.2.1 LDAP Configuration
- 1.2.1.1 Connecting to an LDAP Directory in Jira
- 1.2.1.2 Server Settings
- 1.2.1.3 Advance Settings
- 1.2.2 Anonymous Bind
- 1.2.3 LDAP Required Fields
- 1.2.1 LDAP Configuration
- 1.3 Crowd
- 1.4 WebService
- 1.5 Single Sign-On (SSO) with SAML 2.0
- 2 Secondary Authentication
Primary Authentication: Zephyr provides multiple options in which users can be authenticated when they log into the system. This is referred to as Primary Authentication.
Secondary Authentication: If LDAP/Crowd/Webservice/SSO is being used for primary authentication and certain temporary/migrant/external users that are not in those systems need access to Zephyr, the secondary authentication option can be turned on to allow that.
Please note that this process is only for authentication and not for synchronizing user information with these systems. After completing authentication, you may import Groups by following the instructions in Group Setup.
Primary Authentication
Internal
Administrators can leave the selection at 'Internal' to use the native Zephyr authentication system. The user ID and passwords that are stored in the User Setup section are used to authenticate users.
This is the default option.
Users can reset their own passwords by clicking on the 'Profile' link in the top right corner of their interface.
LDAP
If your organization is using an LDAP server for authentication, the Zephyr Server can be setup to authenticate users using LDAP.
LDAP Configuration
An LDAP directory is a collection of data about users and groups. LDAP (Lightweight Directory Access Protocol) is an Internet protocol that web applications can use to look up information about those users and groups from the LDAP server.
We provide built-in connectors for the most popular LDAP directory servers:
Microsoft Active Directory
Apache Directory Server (ApacheDS)
OpenDS
OpenLDAP
A generic LDAP directory server
When to use this option: Connecting to an LDAP directory server is useful if your users and groups are stored in a corporate directory. When configuring the directory.
Connecting to an LDAP Directory in Jira
Select Administration.
Choose Authentication.
Add a directory and select one of these types:
'LDAP' – You will be able to choose a specific LDAP directory type on the next screen.
Enter the values for the settings, as described below.
Save the directory settings.
Server Settings
Setting | Description |
|---|---|
Directory Type | Select the type of LDAP directory that you will connect to. If you are adding a new LDAP connection, the value you select here will determine the default values for many of the options on the rest of the screen. Examples:
|
Hostname | The host name of your directory server. Examples:
|
Port | The port on which your directory server is listening. Examples:
|
Base DN | The root distinguished name (DN) to use when running queries against the directory server. Examples:
|
BIND DN | The distinguished name of the user that the application will use when connecting to the directory server. Examples:
|
BIND Password | The password of the user-specified above. |
Search Attribute | The attribute field to use when loading the username. Examples:
|
Advance Settings
User Schema Settings
Setting | Description |
|---|---|
Search Attibute | The attribute field to use when loading the username. Examples:
|
User Object Class | This is the name of the class used for the LDAP user object. Example:
|
User Object Filter | The filter to use when searching user objects. Example:
|
User First Name Attribute | The attribute field to use when loading the user's first name. Example:
|
User Last Name Attribute | The attribute field to use when loading the user's last name. Example:
|
User Email Attribute | The attribute field to use when loading the user's email address. Example:
|