Hey, I’ve got a problem with Confluence 8.x.x redirecting to login page on certain addresses on new session. On others authentication works fine. Confluence 7.x.x works fine with the same setup
In confluence 8.0 opensymphony xwork was changed to struts2 and should that be the problem?
We’re using Apereo CAS 3.6 as our SSO with client library in version 3.6.5 with atlassian support 3.6.4 (currently modified due to the problem). Seraph has login page setup for sso login page.
Sso client library adds authentication and ticket validation filters for use which are crucial for working process
SSO authentication works fine on /display, /rest, /status addresses while fails to authenticate new session on “/”, /admin, /auth
Websudo is off due to custom sso
Sso client library has filters defined by modified web.xml file. My thought is that filters set in web.xml are not the first one to run on failing addresses and as struts2 was introduced maybe this is the cause.
Authentication works fine after I enter /display address even in admin panel so it’s purely authentication problem.
Have anyone faced this? I see there are some recommendations that those authentication filters should be defined by spring configuration instead which I haven’t tried yet.