Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

WHAT IS IT?

In EasySSO there are some cases where a user may not be able to sign in properly, and get an ugly pop-up whenever they try to log in. By adding this feature it gives With this feature there is an option for the user to opt-out of EasySSO to bypass this pop-up window to offer a basic always bypass SSO directly to the regular username and password authentication form instead.

WHY IS IT IMPORTANT?

There are odd cases where EasySSO won't work for standard users, which means that it creates a pop-up window that looks like a strange authentication screen. With this update and disabling that function, the login area appears standard to you when logging into Confluence or JIRA. Creating a less confusing and integrated seamless experience.Users are able to opt out of using EasySSO where their individual circumstances prohibit single sign-on from working for them, for example, if they are using a computer account not connected to the user directorysome cases where a user may never be able to sign in using SSO (e.g being a non-domain user), and would get an ugly "domain credentials" pop-up whenever EasySSO attempts to log them in with NTLM or Kerberos. 

Using this feature allows such users to use the regular web form instead and have this preference saved on the machine/browser they use regularly.

OTHER IMPORTANT DETAILS

In Admin settings for EasySSO, admins can control whether or not users can utilise this function, i.e continue getting these pop up authentication screens.This feature is browser dependent

When enabled, opt-out is available to any logged in user in their Profile/SSO Preferences as well as to anonymous users via URL:
https://<YOUR ATLASSIAN APPLICATION HOST>:<YOUR ATLASSIAN APPLICATION PORT>/<YOUR ATLASSIAN APPLICATION CONTEXT>/plugins/servlet/easysso/optout

The opt-out is specific to the browser being used. If you choose to opt-out of, for example Safari, when using Internet Explorer, it won't opt you out of any other browsers that you use on the same machine.

HOW TO CONFIGURE EASYSSO OPT OUT via Cookie

Before users can opt out an administrator must enable the feature . in the EasySSO Advanced Filtering Configuration screen by ticking the box next to the text 'Allow users to individually opt-out of EasySSO'.

EasySSO 4.0 +

  1. In the EasySSO configuration screen click NTLM/Kerberos.
  2. Click 'Advanced Configuration' on the top-right and switch to the 'Advanced Filtering Configuration' tab.
  3. Check the checkbox next to 'Allow users to individually opt-out of EasySSO', and click save.
  4. Now any user will be able to opt out of NTLM/Kerberos SSO through their user profile settings or using the link.

EasySSO prior to 4.0.0

  1. In the EasySSO configuration screen switch to the "Advanced Filtering Configuration" tab.
  2. Check the checkbox next to 'Allow users to individually opt-out of EasySSO', and click save.
  3. Now any user will be able to opt out of SSO through their user profile settings.

 

How to get to user opt out screen for Confluence: 

  1. Click on your user avatar and click Settings

    Image Modified

  2. Click on SSO Preferences in the left bar (if this option is missing then it means that Opt Out was not properly enabled by the admin on the EasySSO configuration screen

 

 

 

 

 

 

 

 

How to get to user opt out screen for JIRA Software: 

  1. Click on your user avatar and click Settings

    Image Modified


  2. Click on SSO Preferences in the tools area to the top right.


For all applications: 

3. Check the checkbox and click save

 

4. Your browser will no longer try to authenticate with SSO and will be presented with the basic standard username/password screen instead.

The opt-out only applies to the specific browser on the specific machine where the you opted out. To opt back in, go back to SSO preferences under user settings, uncheck the checkbox and click save.

 

Opt-out is also available to anonymous users via URL:
https://<YOUR ATLASSIAN APPLICATION HOST>:<YOUR ATLASSIAN APPLICATION PORT>/<YOUR ATLASSIAN APPLICATION CONTEXT>/plugins/servlet/easysso/optout

 

Page Details Macro
titleEasySSO Opt Out via Cookie

Document Macro
summaryWhat is it? How to configure it?
iconfile
titleEasySSO Opt Out NTLM/Kerberos Opt-out via Cookie

 

Purchasing Macro
linkhttps://marketplace.atlassian.com/plugins/org.techtime.confluence.plugins.search?query=%22EasySSO%22
titlePurchase from the Atlassian Marketplace

TechTime EasySSO on Atlassian Marketplace

Documentation Area Macro
pageTECHTIME:EasySSO
titleEasySSO articles

 

Excerpt
hiddentrue
New feature to Opt Out of EasySSO via CookieOpt-out from NTLM/Kerberos SSO via cookie