What do you think? Discuss, post comments, or ask questions at the end of this article [More about me]

Skip to end of metadata
Go to start of metadata

Problem

Atlassian Crowd is a great login and user identity system, with a (relatively) easy SSO setup (especially for other Atlassian apps).

Crowd can also be used to reset user passwords and send the user an email with a password reset link.  However, confusingly after a successful password reset/update the user gets dumped to the Crowd login page.  Now, Crowd is a user/identify management system so normal users (i.e. non-crowd admins) can't actually login.  What it should do is redirect the user to another login page (e.g. confluence, or another app) on a successful password reset.

Solution

An easy solution here is to use your web-server of choice (Apache, nginx, ...) to redirect to another site/login-page on the URL query string ?passwordUpdateSuccessful=true.

I use Apache2 and outline it's use specifically for Atlassian web apps here.  Below is part of my VirtualHost config for Crowd, with a RewriteRule to redirect to my confluence instance's login page (see lines 10-12):

<VirtualHost *:443>
    ServerName crowd.jaytaala.com

    ProxyRequests Off
    ProxyVia Off
    ProxyPreserveHost On
    
    RewriteEngine On

    # redirect to confluence when passwordUpdateSuccessful=true
    RewriteCond %{QUERY_STRING} passwordUpdateSuccessful=true
    RewriteRule ^(.*)$ https://confluence.jaytaala.com/login.action? [R,L]

    RewriteCond %{REQUEST_URI} !^/crowd/ [OR]
    RewriteCond %{REQUEST_URI} about.jsp$
    RewriteRule ^(.*)$ http://127.0.0.1:8095/crowd/ [P,L]

    ProxyPass / http://127.0.0.1:8095/
    ProxyPassReverse / http://127.0.0.1:8095/

    ...

</VirtualHost>

Lines 10-12 show the redirect when the URL looks like ...?passwordUpdateSuccessful=true.  So as soon as the password update/reset is completed successfully, Apache will redirect to my confluence login page (the final ? removes the query string "passwordUpdateSuccessful=true" on the redirect.

Lines 14-16 are optional and used to redirect all root requests to the /crowd/ context (see Redirecting Crowd root requests to crowd context - skip landing page).

References

  1. my brain...
  2. https://wiki.apache.org/httpd/RewriteQueryString